web: use multi-stage building for the container file

web: remove all unnecessary junk from the container after building (experiment & saves ~2GBs)
2024-12-14 00:07:59 -05:00 · 2024-12-12 18:39:10 -05:00
107 changed files with 4115 additions and 18287 deletions
--- a/.drone.yml
+++ b/.drone.yml
@@ -1,91 +0,0 @@
---
-kind: pipeline
-type: docker
-
-platform:
-  os: linux
-  arch: amd64
-
-steps:
-  - name: api
-    image: plugins/docker
-    settings:
-      registry: registry.itzana.me
-      repo: registry.itzana.me/strafesnet/maptest-api
-      tags:
-        - ${DRONE_BRANCH}-${DRONE_BUILD_NUMBER}
-        - ${DRONE_BRANCH}
-      username:
-        from_secret: REGISTRY_USER
-      password:
-        from_secret: REGISTRY_PASS
-      dockerfile: Containerfile
-      context: .
-    when:
-      branch:
-        - master
-        - staging
-
-  - name: frontend
-    image: plugins/docker
-    settings:
-      registry: registry.itzana.me
-      repo: registry.itzana.me/strafesnet/maptest-frontend
-      tags:
-        - ${DRONE_BRANCH}-${DRONE_BUILD_NUMBER}
-        - ${DRONE_BRANCH}
-      username:
-        from_secret: REGISTRY_USER
-      password:
-        from_secret: REGISTRY_PASS
-      dockerfile: web/Containerfile
-      context: web
-    when:
-      branch:
-        - master
-        - staging
-
-  - name: validator
-    image: plugins/docker
-    settings:
-      registry: registry.itzana.me
-      repo: registry.itzana.me/strafesnet/maptest-validator
-      tags:
-        - ${DRONE_BRANCH}-${DRONE_BUILD_NUMBER}
-        - ${DRONE_BRANCH}
-      username:
-        from_secret: REGISTRY_USER
-      password:
-        from_secret: REGISTRY_PASS
-      dockerfile: validation/Containerfile
-      context: validation
-    when:
-      branch:
-        - master
-        - staging
-
-  - name: deploy
-    image: argoproj/argocd:latest
-    commands:
-      - argocd login --grpc-web cd.stricity.com --username $USERNAME --password $PASSWORD
-      - argocd app --grpc-web set ${DRONE_BRANCH}-maps-service --kustomize-image registry.itzana.me/strafesnet/maptest-api:${DRONE_BRANCH}-${DRONE_BUILD_NUMBER}
-      - argocd app --grpc-web set ${DRONE_BRANCH}-maps-service --kustomize-image registry.itzana.me/strafesnet/maptest-frontend:${DRONE_BRANCH}-${DRONE_BUILD_NUMBER}
-      - argocd app --grpc-web set ${DRONE_BRANCH}-maps-service --kustomize-image registry.itzana.me/strafesnet/maptest-validator:${DRONE_BRANCH}-${DRONE_BUILD_NUMBER}
-    environment:
-      USERNAME:
-        from_secret: ARGO_USER
-      PASSWORD:
-        from_secret: ARGO_PASS
-    depends_on:
-      - api
-      - frontend
-      - validator
-    when:
-      branch:
-        - master
-        - staging
---
-kind: signature
-hmac: 1162b329a9cad12b4c5db0ccf8b8998072b0de9279326f76a493fd0af6794095
-
-...
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1 @@
-.idea
-/target
+.idea
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,6 +0,0 @@
-[workspace]
-members = [
-	"validation",
-	"validation/api",
-]
-resolver = "2"
--- a/3
+++ b/3
@@ -7,6 +7,9 @@ WORKDIR /app
 # Copy go.mod and go.sum files
 COPY go.mod go.sum ./

+# Download dependencies
+RUN --mount=type=secret,id=netrc,dst=/root/.netrc go mod download
+
 # Copy the entire project
 COPY . .

--- a/12
+++ b/12
@@ -1,12 +0,0 @@
-submissions:
-	DOCKER_BUILDKIT=1 docker build . -f Containerfile -t maps-service-submissions
-
-web:
-	docker build web -f web/Containerfile -t maps-service-web
-
-validation:
-	docker build validation -f validation/Containerfile -t maps-service-validation
-
-all: submissions web validation
-
-.PHONY: submissions web validation
--- a/README.md
+++ b/README.md
@@ -26,12 +26,6 @@ Prerequisite: golang installed

 Prerequisite: bun installed

-The environment variable `API_HOST` will need to be set for the middleware.
-Example `.env` in web's root:
-```
-API_HOST="http://localhost:8082/v1/"
-```
-
 1. `cd web`
 2. `bun install`

@@ -49,12 +43,6 @@ Prerequisite: rust installed
 1. `cd validation`
 2. `cargo run --release`

-Environment Variables:
- ROBLOX_GROUP_ID
- RBXCOOKIE
- API_HOST_INTERNAL
- NATS_HOST
-
 #### License

 <sup>
--- a/compose.yaml
+++ b/compose.yaml
@@ -3,25 +3,32 @@ networks:
  maps-service-network:
    driver: bridge

+secrets:
+  netrc:
+    file: /home/quat/.netrc
+
 services:
  nats:
    image: docker.io/nats:latest
    container_name: nats
-    command: ["-js"] #"-DVV"
+    command: ["-js"]
    networks:
      - maps-service-network
+    ports:
+      - "4222:4222"

-  submissions:
-    image:
-      maps-service-submissions
-    container_name: submissions
+  maps-service:
+    build:
+      secrets:
+        - netrc
+      context: .
+      dockerfile: Containerfile
+    container_name: maps-service
    command: [
      # debug
      "--debug","serve",
      # http service port
-      "--port","8082",
-      # internal http endpoints
-      "--port-internal","8083",
+      "--port","8081",
      # postgres
      "--pg-host","10.0.0.29",
      "--pg-port","5432",
@@ -30,97 +37,38 @@ services:
      "--pg-password","happypostgresuser",
      # other hosts
      "--nats-host","nats:4222",
-      "--auth-rpc-host","authrpc:8081",
-      "--data-rpc-host","dataservice:9000",
+      "--auth-rpc-host","localhost:8090"
    ]
    depends_on:
-      - authrpc
      - nats
    networks:
      - maps-service-network
    ports:
-      - "8082:8082"
+      - "8081:8081"

  web:
-    image:
-      maps-service-web
+    build:
+      context: web
+      dockerfile: Containerfile
    networks:
      - maps-service-network
    ports:
      - "3000:3000"
-    environment:
-      - API_HOST=http://submissions:8082/v1

  validation:
-    image:
-      maps-service-validation
+    build:
+      context: validation
+      dockerfile: Containerfile
    container_name: validation
-    env_file:
-      - ../auth-compose/strafesnet_staging.env
    environment:
-      - ROBLOX_GROUP_ID=17032139 # "None" is special case string value
-      - API_HOST_INTERNAL=http://submissions:8083/v1
+      - RBXCOOKIE=RBXCOOKIE
+      - API_HOST=http://localhost:8081
      - NATS_HOST=nats:4222
+      - DATA_HOST=http://localhost:9000
    depends_on:
      - nats
-      # note: this races the submissions which creates a nats stream
+      # note: this races the maps-service which creates a nats stream
      # the validation will panic if the nats stream is not created
-      - submissions
-      - dataservice
+      - maps-service
    networks:
      - maps-service-network
-
-  dataservice:
-    image: registry.itzana.me/strafesnet/data-service:master
-    container_name: dataservice
-    environment:
-      - DEBUG=true
-      - PG_HOST=10.0.0.29
-      - PG_PORT=5432
-      - PG_USER=quat
-      - PG_DB=data
-      - PG_PASS=happypostgresuser
-    networks:
-      - maps-service-network
-
-  authredis:
-    image: docker.io/redis:latest
-    container_name: authredis
-    volumes:
-      - redis-data:/data
-    command: ["redis-server", "--appendonly", "yes"]
-    networks:
-      - maps-service-network
-
-  authrpc:
-    image: registry.itzana.me/strafesnet/auth-service:staging
-    container_name: authrpc
-    command: ["serve", "rpc"]
-    environment:
-      - REDIS_ADDR=authredis:6379
-      - RBX_GROUP_ID=17032139
-    env_file:
-      - ../auth-compose/auth-service.env
-    depends_on:
-      - authredis
-    networks:
-      - maps-service-network
-    logging:
-      driver: "none"
-
-  auth-web:
-    image: registry.itzana.me/strafesnet/auth-service:staging
-    command: ["serve", "web"]
-    environment:
-      - REDIS_ADDR=authredis:6379
-    env_file:
-      - ../auth-compose/auth-service.env
-    depends_on:
-      - authredis
-    networks:
-      - maps-service-network
-    ports:
-      - "8080:8080"
-
-volumes:
-  redis-data:
--- a/generate.go
+++ b/generate.go
@@ -1,4 +1,3 @@
 package main

 //go:generate go run github.com/ogen-go/ogen/cmd/ogen@latest --target pkg/api --clean openapi.yaml
-//go:generate go run github.com/ogen-go/ogen/cmd/ogen@latest --target pkg/internal --clean openapi-internal.yaml
--- a/openapi-internal.yaml
+++ b/openapi-internal.yaml
@@ -1,398 +0,0 @@
-openapi: 3.1.0
-info:
-  title: StrafesNET Internal - OpenAPI 3.1
-  description: Internal operations inaccessible from the public internet.
-  version: 0.1.0
-tags:
-  - name: Submissions
-    description: Submission operations
-paths:
-  /submissions/{SubmissionID}/validated-model:
-    post:
-      summary: Update validated model
-      operationId: updateSubmissionValidatedModel
-      tags:
-        - Submissions
-      parameters:
-        - $ref: '#/components/parameters/SubmissionID'
-        - name: ValidatedModelID
-          in: query
-          required: true
-          schema:
-            type: integer
-            format: int64
-        - name: ValidatedModelVersion
-          in: query
-          required: true
-          schema:
-            type: integer
-            format: int64
-      responses:
-        "204":
-          description: Successful response
-        default:
-          description: General Error
-          content:
-            application/json:
-              schema:
-                $ref: "#/components/schemas/Error"
-  /submissions/{SubmissionID}/status/validator-validated:
-    post:
-      summary: (Internal endpoint) Role Validator changes status from Validating -> Validated
-      operationId: actionSubmissionValidated
-      tags:
-        - Submissions
-      parameters:
-        - $ref: '#/components/parameters/SubmissionID'
-      responses:
-        "204":
-          description: Successful response
-        default:
-          description: General Error
-          content:
-            application/json:
-              schema:
-                $ref: "#/components/schemas/Error"
-  /submissions/{SubmissionID}/status/validator-failed:
-    post:
-      summary: (Internal endpoint) Role Validator changes status from Validating -> Accepted
-      operationId: actionSubmissionAccepted
-      tags:
-        - Submissions
-      parameters:
-        - $ref: '#/components/parameters/SubmissionID'
-        - name: StatusMessage
-          in: query
-          required: true
-          schema:
-            type: string
-            minLength: 0
-            maxLength: 4096
-      responses:
-        "204":
-          description: Successful response
-        default:
-          description: General Error
-          content:
-            application/json:
-              schema:
-                $ref: "#/components/schemas/Error"
-  /submissions/{SubmissionID}/status/validator-uploaded:
-    post:
-      summary: (Internal endpoint) Role Validator changes status from Uploading -> Uploaded
-      operationId: actionSubmissionUploaded
-      tags:
-        - Submissions
-      parameters:
-        - $ref: '#/components/parameters/SubmissionID'
-        - name: UploadedAssetID
-          in: query
-          required: true
-          schema:
-            type: integer
-            format: int64
-      responses:
-        "204":
-          description: Successful response
-        default:
-          description: General Error
-          content:
-            application/json:
-              schema:
-                $ref: "#/components/schemas/Error"
-  /script-policy:
-    get:
-      summary: Get list of script policies
-      operationId: listScriptPolicy
-      tags:
-        - ScriptPolicy
-      parameters:
-      - $ref: "#/components/parameters/Page"
-      - $ref: "#/components/parameters/Limit"
-      - name: FromScriptHash
-        in: query
-        schema:
-          type: string
-          minLength: 16
-          maxLength: 16
-      - name: ToScriptID
-        in: query
-        schema:
-          type: integer
-          format: int64
-      - name: Policy
-        in: query
-        schema:
-          type: integer
-          format: int32
-      responses:
-        "200":
-          description: Successful response
-          content:
-            application/json:
-              schema:
-                type: array
-                items:
-                  $ref: "#/components/schemas/ScriptPolicy"
-        default:
-          description: General Error
-          content:
-            application/json:
-              schema:
-                $ref: "#/components/schemas/Error"
-    post:
-      summary: Create a new script policy
-      operationId: createScriptPolicy
-      tags:
-        - ScriptPolicy
-      requestBody:
-        required: true
-        content:
-          application/json:
-            schema:
-              $ref: '#/components/schemas/ScriptPolicyCreate'
-      responses:
-        "201":
-          description: Successful response
-          content:
-            application/json:
-              schema:
-                $ref: "#/components/schemas/Id"
-        default:
-          description: General Error
-          content:
-            application/json:
-              schema:
-                $ref: "#/components/schemas/Error"
-  /scripts:
-    get:
-      summary: Get list of scripts
-      operationId: listScripts
-      tags:
-        - Script
-      parameters:
-      - $ref: "#/components/parameters/Page"
-      - $ref: "#/components/parameters/Limit"
-      - name: Hash
-        in: query
-        schema:
-          type: string
-          minLength: 16
-          maxLength: 16
-      - name: Name
-        in: query
-        schema:
-          type: string
-          maxLength: 128
-      - name: Source
-        in: query
-        schema:
-          type: string
-          maxLength: 1048576
-      - name: SubmissionID
-        in: query
-        schema:
-          type: integer
-          format: int64
-      responses:
-        "200":
-          description: Successful response
-          content:
-            application/json:
-              schema:
-                type: array
-                items:
-                  $ref: "#/components/schemas/Script"
-        default:
-          description: General Error
-          content:
-            application/json:
-              schema:
-                $ref: "#/components/schemas/Error"
-    post:
-      summary: Create a new script
-      operationId: createScript
-      tags:
-        - Scripts
-      requestBody:
-        required: true
-        content:
-          application/json:
-            schema:
-              $ref: '#/components/schemas/ScriptCreate'
-      responses:
-        "201":
-          description: Successful response
-          content:
-            application/json:
-              schema:
-                $ref: "#/components/schemas/Id"
-        default:
-          description: General Error
-          content:
-            application/json:
-              schema:
-                $ref: "#/components/schemas/Error"
-  /scripts/{ScriptID}:
-    get:
-      summary: Get the specified script by ID
-      operationId: getScript
-      tags:
-        - Scripts
-      parameters:
-        - $ref: '#/components/parameters/ScriptID'
-      responses:
-        "200":
-          description: Successful response
-          content:
-            application/json:
-              schema:
-                $ref: "#/components/schemas/Script"
-        default:
-          description: General Error
-          content:
-            application/json:
-              schema:
-                $ref: "#/components/schemas/Error"
-components:
-  parameters:
-    SubmissionID:
-      name: SubmissionID
-      in: path
-      required: true
-      description: The unique identifier for a submission.
-      schema:
-        type: integer
-        format: int64
-    ScriptID:
-      name: ScriptID
-      in: path
-      required: true
-      description: The unique identifier for a script.
-      schema:
-        type: integer
-        format: int64
-    Page:
-      name: Page
-      in: query
-      required: true
-      schema:
-        type: integer
-        format: int32
-        minimum: 1
-    Limit:
-      name: Limit
-      in: query
-      required: true
-      schema:
-        type: integer
-        format: int32
-        minimum: 1
-        maximum: 100
-  schemas:
-    Id:
-      required:
-      - ID
-      type: object
-      properties:
-        ID:
-          type: integer
-          format: int64
-    Script:
-      required:
-      - ID
-      - Name
-      - Hash
-      - Source
-      - ResourceType
-      - ResourceID
-      type: object
-      properties:
-        ID:
-          type: integer
-          format: int64
-        Name:
-          type: string
-          maxLength: 128
-        Hash:
-          type: string
-          minLength: 16
-          maxLength: 16
-        Source:
-          type: string
-          maxLength: 1048576
-        ResourceType:
-          type: integer
-          format: int32
-        ResourceID:
-          type: integer
-          format: int64
-    ScriptCreate:
-      required:
-      - Name
-      - Source
-      - ResourceType
-#     - ResourceID
-      type: object
-      properties:
-        Name:
-          type: string
-          maxLength: 128
-        Source:
-          type: string
-          maxLength: 1048576
-        ResourceType:
-          type: integer
-          format: int32
-        ResourceID:
-          type: integer
-          format: int64
-    ScriptPolicy:
-      required:
-      - ID
-      - FromScriptHash
-      - ToScriptID
-      - Policy
-      type: object
-      properties:
-        ID:
-          type: integer
-          format: int64
-        FromScriptHash:
-          type: string
-          minLength: 16
-          maxLength: 16
-        ToScriptID:
-          type: integer
-          format: int64
-        Policy:
-          type: integer
-          format: int32
-    ScriptPolicyCreate:
-      required:
-      - FromScriptID
-      - ToScriptID
-      - Policy
-      type: object
-      properties:
-        FromScriptID:
-          type: integer
-          format: int64
-        ToScriptID:
-          type: integer
-          format: int64
-        Policy:
-          type: integer
-          format: int32
-    Error:
-      description: Represents error object
-      type: object
-      properties:
-        code:
-          type: integer
-          format: int64
-        message:
-          type: string
-      required:
-        - code
-        - message
--- a/openapi.yaml
+++ b/openapi.yaml
@@ -6,104 +6,32 @@ info:
 servers:
  - url: https://submissions.strafes.net/v1
 tags:
-  - name: Session
-    description: Session operations
  - name: Submissions
    description: Submission operations
  - name: Scripts
    description: Script operations
  - name: ScriptPolicy
    description: Script policy operations
-security:
-  - cookieAuth: []
 paths:
-  /session/user:
-    get:
-      summary: Get information about the currently logged in user
-      operationId: sessionUser
-      tags:
-        - Session
-      responses:
-        "200":
-          description: Successful response
-          content:
-            application/json:
-              schema:
-                $ref: "#/components/schemas/User"
-        default:
-          description: General Error
-          content:
-            application/json:
-              schema:
-                $ref: "#/components/schemas/Error"
-  /session/roles:
-    get:
-      summary: Get list of roles for the current session
-      operationId: sessionRoles
-      tags:
-        - Session
-      responses:
-        "200":
-          description: Successful response
-          content:
-            application/json:
-              schema:
-                $ref: "#/components/schemas/Roles"
-        default:
-          description: General Error
-          content:
-            application/json:
-              schema:
-                $ref: "#/components/schemas/Error"
-  /session/validate:
-    get:
-      summary: Ask if the current session is valid
-      operationId: sessionValidate
-      tags:
-        - Session
-      responses:
-        "200":
-          description: Successful response
-          content:
-            application/json:
-              schema:
-                type: boolean
-        default:
-          description: General Error
-          content:
-            application/json:
-              schema:
-                $ref: "#/components/schemas/Error"
  /submissions:
    get:
      summary: Get list of submissions
      operationId: listSubmissions
      tags:
        - Submissions
-      security: []
      parameters:
-      - $ref: "#/components/parameters/Page"
-      - $ref: "#/components/parameters/Limit"
-      - name: DisplayName
-        in: query
-        schema:
-          type: string
-          maxLength: 128
-      - name: Creator
-        in: query
-        schema:
-          type: string
-          maxLength: 128
-      - name: GameID
-        in: query
-        schema:
-          type: integer
-          format: int32
-      - name: Sort
-        in: query
-        schema:
-          type: integer
-          format: int32
+        - name: page
+          in: query
+          required: true
+          schema:
+            $ref: "#/components/schemas/Pagination"
+        - name: filter
+          in: query
+          required: false
+          schema:
+            $ref: "#/components/schemas/SubmissionFilter"
+      security:
+      - cookieAuth: []
      responses:
        "200":
          description: Successful response
@@ -130,6 +58,8 @@ paths:
          application/json:
            schema:
              $ref: '#/components/schemas/SubmissionCreate'
+      security:
+      - cookieAuth: []
      responses:
        "201":
          description: Successful response
@@ -149,9 +79,10 @@ paths:
      operationId: getSubmission
      tags:
        - Submissions
-      security: []
      parameters:
        - $ref: '#/components/parameters/SubmissionID'
+      security:
+      - cookieAuth: []
      responses:
        "200":
          description: Successful response
@@ -185,6 +116,8 @@ paths:
          schema:
            type: integer
            format: int64
+      security:
+      - cookieAuth: []
      responses:
        "204":
          description: Successful response
@@ -196,12 +129,14 @@ paths:
                $ref: "#/components/schemas/Error"
  /submissions/{SubmissionID}/completed:
    post:
-      summary: Called by maptest when a player completes the map
+      summary: Retrieve map with ID
      operationId: setSubmissionCompleted
      tags:
        - Submissions
      parameters:
        - $ref: '#/components/parameters/SubmissionID'
+      security:
+      - cookieAuth: []
      responses:
        "204":
          description: Successful response
@@ -219,6 +154,8 @@ paths:
        - Submissions
      parameters:
        - $ref: '#/components/parameters/SubmissionID'
+      security:
+      - cookieAuth: []
      responses:
        "204":
          description: Successful response
@@ -236,6 +173,8 @@ paths:
        - Submissions
      parameters:
        - $ref: '#/components/parameters/SubmissionID'
+      security:
+      - cookieAuth: []
      responses:
        "204":
          description: Successful response
@@ -247,46 +186,14 @@ paths:
                $ref: "#/components/schemas/Error"
  /submissions/{SubmissionID}/status/trigger-validate:
    post:
-      summary: Role Reviewer triggers validation and changes status from Submitted -> Validating
+      summary: Role Reviewer triggers validation and changes status from Submitted|Accepted -> Validating
      operationId: actionSubmissionTriggerValidate
      tags:
        - Submissions
      parameters:
        - $ref: '#/components/parameters/SubmissionID'
-      responses:
-        "204":
-          description: Successful response
-        default:
-          description: General Error
-          content:
-            application/json:
-              schema:
-                $ref: "#/components/schemas/Error"
-  /submissions/{SubmissionID}/status/retry-validate:
-    post:
-      summary: Role Reviewer re-runs validation and changes status from Accepted -> Validating
-      operationId: actionSubmissionRetryValidate
-      tags:
-        - Submissions
-      parameters:
-        - $ref: '#/components/parameters/SubmissionID'
-      responses:
-        "204":
-          description: Successful response
-        default:
-          description: General Error
-          content:
-            application/json:
-              schema:
-                $ref: "#/components/schemas/Error"
-  /submissions/{SubmissionID}/status/reset-validating:
-    post:
-      summary: Role Reviewer manually resets validating softlock and changes status from Validating -> Accepted
-      operationId: actionSubmissionAccepted
-      tags:
-        - Submissions
-      parameters:
-        - $ref: '#/components/parameters/SubmissionID'
+      security:
+      - cookieAuth: []
      responses:
        "204":
          description: Successful response
@@ -304,6 +211,8 @@ paths:
        - Submissions
      parameters:
        - $ref: '#/components/parameters/SubmissionID'
+      security:
+      - cookieAuth: []
      responses:
        "204":
          description: Successful response
@@ -321,6 +230,8 @@ paths:
        - Submissions
      parameters:
        - $ref: '#/components/parameters/SubmissionID'
+      security:
+      - cookieAuth: []
      responses:
        "204":
          description: Successful response
@@ -330,10 +241,10 @@ paths:
            application/json:
              schema:
                $ref: "#/components/schemas/Error"
-  /submissions/{SubmissionID}/status/trigger-upload:
+  /submissions/{SubmissionID}/status/validator-validated:
    post:
-      summary: Role Admin changes status from Validated -> Uploading
-      operationId: actionSubmissionTriggerUpload
+      summary: (Internal endpoint) Role Validator changes status from Validating -> Validated
+      operationId: actionSubmissionValidate
      tags:
        - Submissions
      parameters:
@@ -347,10 +258,10 @@ paths:
            application/json:
              schema:
                $ref: "#/components/schemas/Error"
-  /submissions/{SubmissionID}/status/reset-uploading:
+  /submissions/{SubmissionID}/status/validator-published:
    post:
-      summary: Role Admin manually resets uploading softlock and changes status from Uploading -> Validated
-      operationId: actionSubmissionValidated
+      summary: (Internal endpoint) Role Validator changes status from Publishing -> Published
+      operationId: actionSubmissionPublish
      tags:
        - Submissions
      parameters:
@@ -364,24 +275,18 @@ paths:
            application/json:
              schema:
                $ref: "#/components/schemas/Error"
-  /release-submissions:
+  /submissions/{SubmissionID}/status/trigger-publish:
    post:
-      summary: Release a set of uploaded maps
-      operationId: releaseSubmissions
+      summary: Role Admin changes status from Validated -> Publishing
+      operationId: actionSubmissionTriggerPublish
      tags:
        - Submissions
-      requestBody:
-        required: true
-        content:
-          application/json:
-            schema:
-              type: array
-              minItems: 1
-              maxItems: 255
-              items:
-                $ref: '#/components/schemas/ReleaseInfo'
+      parameters:
+        - $ref: '#/components/parameters/SubmissionID'
+      security:
+      - cookieAuth: []
      responses:
-        "201":
+        "204":
          description: Successful response
        default:
          description: General Error
@@ -390,46 +295,6 @@ paths:
              schema:
                $ref: "#/components/schemas/Error"
  /script-policy:
-    get:
-      summary: Get list of script policies
-      operationId: listScriptPolicy
-      tags:
-        - ScriptPolicy
-      security: []
-      parameters:
-      - $ref: "#/components/parameters/Page"
-      - $ref: "#/components/parameters/Limit"
-      - name: FromScriptHash
-        in: query
-        schema:
-          type: string
-          minLength: 16
-          maxLength: 16
-      - name: ToScriptID
-        in: query
-        schema:
-          type: integer
-          format: int64
-      - name: Policy
-        in: query
-        schema:
-          type: integer
-          format: int32
-      responses:
-        "200":
-          description: Successful response
-          content:
-            application/json:
-              schema:
-                type: array
-                items:
-                  $ref: "#/components/schemas/ScriptPolicy"
-        default:
-          description: General Error
-          content:
-            application/json:
-              schema:
-                $ref: "#/components/schemas/Error"
    post:
      summary: Create a new script policy
      operationId: createScriptPolicy
@@ -441,6 +306,8 @@ paths:
          application/json:
            schema:
              $ref: '#/components/schemas/ScriptPolicyCreate'
+      security:
+      - cookieAuth: []
      responses:
        "201":
          description: Successful response
@@ -454,15 +321,45 @@ paths:
            application/json:
              schema:
                $ref: "#/components/schemas/Error"
-  /script-policy/{ScriptPolicyID}:
+  /script-policy/hash/{FromScriptHash}:
+    get:
+      summary: Get the policy for the given hash of script source code
+      operationId: getScriptPolicyFromHash
+      tags:
+        - ScriptPolicy
+      parameters:
+        - name: FromScriptHash
+          in: path
+          required: true
+          schema:
+            type: string
+            minLength: 16
+            maxLength: 16
+      security:
+      - cookieAuth: []
+      responses:
+        "200":
+          description: Successful response
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/ScriptPolicy"
+        default:
+          description: General Error
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/Error"
+  /script-policy/id/{ScriptPolicyID}:
    get:
      summary: Get the specified script policy by ID
      operationId: getScriptPolicy
      tags:
        - ScriptPolicy
-      security: []
      parameters:
        - $ref: '#/components/parameters/ScriptPolicyID'
+      security:
+      - cookieAuth: []
      responses:
        "200":
          description: Successful response
@@ -489,6 +386,8 @@ paths:
          application/json:
            schema:
              $ref: '#/components/schemas/ScriptPolicyUpdate'
+      security:
+      - cookieAuth: []
      responses:
        "204":
          description: Successful response
@@ -505,6 +404,8 @@ paths:
        - ScriptPolicy
      parameters:
        - $ref: '#/components/parameters/ScriptPolicyID'
+      security:
+      - cookieAuth: []
      responses:
        "204":
          description: Successful response
@@ -515,51 +416,6 @@ paths:
              schema:
                $ref: "#/components/schemas/Error"
  /scripts:
-    get:
-      summary: Get list of scripts
-      operationId: listScripts
-      tags:
-        - Script
-      security: []
-      parameters:
-      - $ref: "#/components/parameters/Page"
-      - $ref: "#/components/parameters/Limit"
-      - name: Hash
-        in: query
-        schema:
-          type: string
-          minLength: 16
-          maxLength: 16
-      - name: Name
-        in: query
-        schema:
-          type: string
-          maxLength: 128
-      - name: Source
-        in: query
-        schema:
-          type: string
-          maxLength: 1048576
-      - name: SubmissionID
-        in: query
-        schema:
-          type: integer
-          format: int64
-      responses:
-        "200":
-          description: Successful response
-          content:
-            application/json:
-              schema:
-                type: array
-                items:
-                  $ref: "#/components/schemas/Script"
-        default:
-          description: General Error
-          content:
-            application/json:
-              schema:
-                $ref: "#/components/schemas/Error"
    post:
      summary: Create a new script
      operationId: createScript
@@ -571,6 +427,8 @@ paths:
          application/json:
            schema:
              $ref: '#/components/schemas/ScriptCreate'
+      security:
+      - cookieAuth: []
      responses:
        "201":
          description: Successful response
@@ -590,9 +448,10 @@ paths:
      operationId: getScript
      tags:
        - Scripts
-      security: []
      parameters:
        - $ref: '#/components/parameters/ScriptID'
+      security:
+      - cookieAuth: []
      responses:
        "200":
          description: Successful response
@@ -619,6 +478,8 @@ paths:
          application/json:
            schema:
              $ref: '#/components/schemas/ScriptUpdate'
+      security:
+      - cookieAuth: []
      responses:
        "204":
          description: Successful response
@@ -635,6 +496,8 @@ paths:
        - Scripts
      parameters:
        - $ref: '#/components/parameters/ScriptID'
+      security:
+      - cookieAuth: []
      responses:
        "204":
          description: Successful response
@@ -675,23 +538,6 @@ components:
      schema:
        type: integer
        format: int64
-    Page:
-      name: Page
-      in: query
-      required: true
-      schema:
-        type: integer
-        format: int32
-        minimum: 1
-    Limit:
-      name: Limit
-      in: query
-      required: true
-      schema:
-        type: integer
-        format: int32
-        minimum: 1
-        maximum: 100
  schemas:
    Id:
      required:
@@ -701,30 +547,6 @@ components:
        ID:
          type: integer
          format: int64
-    Roles:
-      required:
-      - Roles
-      type: object
-      properties:
-        Roles:
-          type: integer
-          format: int32
-    User:
-      required:
-      - UserID
-      - Username
-      - AvatarURL
-      type: object
-      properties:
-        UserID:
-          type: integer
-          format: int64
-        Username:
-          type: string
-          maxLength: 128
-        AvatarURL:
-          type: string
-          maxLength: 256
    Submission:
      required:
      - ID
@@ -737,9 +559,9 @@ components:
      - AssetID
      - AssetVersion
      - Completed
-#     - UploadedAssetID
+      - SubmissionType
+#     - TargetAssetID
      - StatusID
-      - StatusMessage
      type: object
      properties:
        ID:
@@ -771,15 +593,32 @@ components:
          format: int64
        Completed:
          type: boolean
-        UploadedAssetID:
+        SubmissionType:
+          type: integer
+          format: int32
+        TargetAssetID:
          type: integer
          format: int64
        StatusID:
          type: integer
          format: int32
-        StatusMessage:
+    SubmissionFilter:
+      required:
+      - ID
+      type: object
+      properties:
+        ID:
+          type: integer
+          format: int64
+        DisplayName:
          type: string
-          maxLength: 256
+          maxLength: 128
+        Creator:
+          type: string
+          maxLength: 128
+        GameID:
+          type: integer
+          format: int32
    SubmissionCreate:
      required:
      - DisplayName
@@ -787,6 +626,7 @@ components:
      - GameID
      - AssetID
      - AssetVersion
+#     - TargetAssetID
      type: object
      properties:
        DisplayName:
@@ -804,34 +644,20 @@ components:
        AssetVersion:
          type: integer
          format: int64
-    ReleaseInfo:
-      required:
-      - SubmissionID
-      - Date
-      type: object
-      properties:
-        SubmissionID:
+        TargetAssetID:
          type: integer
          format: int64
-        Date:
-          type: string
-          format: date-time
    Script:
      required:
      - ID
-      - Name
      - Hash
      - Source
-      - ResourceType
-      - ResourceID
+      - SubmissionID
      type: object
      properties:
        ID:
          type: integer
          format: int64
-        Name:
-          type: string
-          maxLength: 128
        Hash:
          type: string
          minLength: 16
@@ -839,30 +665,19 @@ components:
        Source:
          type: string
          maxLength: 1048576
-        ResourceType:
-          type: integer
-          format: int32
-        ResourceID:
+        SubmissionID:
          type: integer
          format: int64
    ScriptCreate:
      required:
-      - Name
      - Source
-      - ResourceType
-#     - ResourceID
+#     - SubmissionID
      type: object
      properties:
-        Name:
-          type: string
-          maxLength: 128
        Source:
          type: string
          maxLength: 1048576
-        ResourceType:
-          type: integer
-          format: int32
-        ResourceID:
+        SubmissionID:
          type: integer
          format: int64
    ScriptUpdate:
@@ -873,16 +688,10 @@ components:
        ID:
          type: integer
          format: int64
-        Name:
-          type: string
-          maxLength: 128
        Source:
          type: string
          maxLength: 1048576
-        ResourceType:
-          type: integer
-          format: int32
-        ResourceID:
+        SubmissionID:
          type: integer
          format: int64
    ScriptPolicy:
@@ -939,6 +748,21 @@ components:
        Policy:
          type: integer
          format: int32
+    Pagination:
+      type: object
+      required:
+        - Page
+        - Limit
+      properties:
+        Page:
+          type: integer
+          format: int32
+          minimum: 1
+        Limit:
+          type: integer
+          format: int32
+          minimum: 1
+          maximum: 100
    Error:
      description: Represents error object
      type: object
--- a/pkg/api/oas_client_gen.go
+++ b/pkg/api/oas_client_gen.go
--- a/pkg/api/oas_handlers_gen.go
+++ b/pkg/api/oas_handlers_gen.go
--- a/pkg/api/oas_json_gen.go
+++ b/pkg/api/oas_json_gen.go
@@ -9,7 +9,6 @@ import (
 	"github.com/go-faster/errors"
 	"github.com/go-faster/jx"

-	"github.com/ogen-go/ogen/json"
 	"github.com/ogen-go/ogen/validate"
 )

@@ -327,215 +326,6 @@ func (s *OptString) UnmarshalJSON(data []byte) error {
 	return s.Decode(d)
 }

-// Encode implements json.Marshaler.
-func (s *ReleaseInfo) Encode(e *jx.Encoder) {
-	e.ObjStart()
-	s.encodeFields(e)
-	e.ObjEnd()
-}
-
-// encodeFields encodes fields.
-func (s *ReleaseInfo) encodeFields(e *jx.Encoder) {
-	{
-		e.FieldStart("SubmissionID")
-		e.Int64(s.SubmissionID)
-	}
-	{
-		e.FieldStart("Date")
-		json.EncodeDateTime(e, s.Date)
-	}
-}
-
-var jsonFieldsNameOfReleaseInfo = [2]string{
-	0: "SubmissionID",
-	1: "Date",
-}
-
-// Decode decodes ReleaseInfo from json.
-func (s *ReleaseInfo) Decode(d *jx.Decoder) error {
-	if s == nil {
-		return errors.New("invalid: unable to decode ReleaseInfo to nil")
-	}
-	var requiredBitSet [1]uint8
-
-	if err := d.ObjBytes(func(d *jx.Decoder, k []byte) error {
-		switch string(k) {
-		case "SubmissionID":
-			requiredBitSet[0] |= 1 << 0
-			if err := func() error {
-				v, err := d.Int64()
-				s.SubmissionID = int64(v)
-				if err != nil {
-					return err
-				}
-				return nil
-			}(); err != nil {
-				return errors.Wrap(err, "decode field \"SubmissionID\"")
-			}
-		case "Date":
-			requiredBitSet[0] |= 1 << 1
-			if err := func() error {
-				v, err := json.DecodeDateTime(d)
-				s.Date = v
-				if err != nil {
-					return err
-				}
-				return nil
-			}(); err != nil {
-				return errors.Wrap(err, "decode field \"Date\"")
-			}
-		default:
-			return d.Skip()
-		}
-		return nil
-	}); err != nil {
-		return errors.Wrap(err, "decode ReleaseInfo")
-	}
-	// Validate required fields.
-	var failures []validate.FieldError
-	for i, mask := range [1]uint8{
-		0b00000011,
-	} {
-		if result := (requiredBitSet[i] & mask) ^ mask; result != 0 {
-			// Mask only required fields and check equality to mask using XOR.
-			//
-			// If XOR result is not zero, result is not equal to expected, so some fields are missed.
-			// Bits of fields which would be set are actually bits of missed fields.
-			missed := bits.OnesCount8(result)
-			for bitN := 0; bitN < missed; bitN++ {
-				bitIdx := bits.TrailingZeros8(result)
-				fieldIdx := i*8 + bitIdx
-				var name string
-				if fieldIdx < len(jsonFieldsNameOfReleaseInfo) {
-					name = jsonFieldsNameOfReleaseInfo[fieldIdx]
-				} else {
-					name = strconv.Itoa(fieldIdx)
-				}
-				failures = append(failures, validate.FieldError{
-					Name:  name,
-					Error: validate.ErrFieldRequired,
-				})
-				// Reset bit.
-				result &^= 1 << bitIdx
-			}
-		}
-	}
-	if len(failures) > 0 {
-		return &validate.Error{Fields: failures}
-	}
-
-	return nil
-}
-
-// MarshalJSON implements stdjson.Marshaler.
-func (s *ReleaseInfo) MarshalJSON() ([]byte, error) {
-	e := jx.Encoder{}
-	s.Encode(&e)
-	return e.Bytes(), nil
-}
-
-// UnmarshalJSON implements stdjson.Unmarshaler.
-func (s *ReleaseInfo) UnmarshalJSON(data []byte) error {
-	d := jx.DecodeBytes(data)
-	return s.Decode(d)
-}
-
-// Encode implements json.Marshaler.
-func (s *Roles) Encode(e *jx.Encoder) {
-	e.ObjStart()
-	s.encodeFields(e)
-	e.ObjEnd()
-}
-
-// encodeFields encodes fields.
-func (s *Roles) encodeFields(e *jx.Encoder) {
-	{
-		e.FieldStart("Roles")
-		e.Int32(s.Roles)
-	}
-}
-
-var jsonFieldsNameOfRoles = [1]string{
-	0: "Roles",
-}
-
-// Decode decodes Roles from json.
-func (s *Roles) Decode(d *jx.Decoder) error {
-	if s == nil {
-		return errors.New("invalid: unable to decode Roles to nil")
-	}
-	var requiredBitSet [1]uint8
-
-	if err := d.ObjBytes(func(d *jx.Decoder, k []byte) error {
-		switch string(k) {
-		case "Roles":
-			requiredBitSet[0] |= 1 << 0
-			if err := func() error {
-				v, err := d.Int32()
-				s.Roles = int32(v)
-				if err != nil {
-					return err
-				}
-				return nil
-			}(); err != nil {
-				return errors.Wrap(err, "decode field \"Roles\"")
-			}
-		default:
-			return d.Skip()
-		}
-		return nil
-	}); err != nil {
-		return errors.Wrap(err, "decode Roles")
-	}
-	// Validate required fields.
-	var failures []validate.FieldError
-	for i, mask := range [1]uint8{
-		0b00000001,
-	} {
-		if result := (requiredBitSet[i] & mask) ^ mask; result != 0 {
-			// Mask only required fields and check equality to mask using XOR.
-			//
-			// If XOR result is not zero, result is not equal to expected, so some fields are missed.
-			// Bits of fields which would be set are actually bits of missed fields.
-			missed := bits.OnesCount8(result)
-			for bitN := 0; bitN < missed; bitN++ {
-				bitIdx := bits.TrailingZeros8(result)
-				fieldIdx := i*8 + bitIdx
-				var name string
-				if fieldIdx < len(jsonFieldsNameOfRoles) {
-					name = jsonFieldsNameOfRoles[fieldIdx]
-				} else {
-					name = strconv.Itoa(fieldIdx)
-				}
-				failures = append(failures, validate.FieldError{
-					Name:  name,
-					Error: validate.ErrFieldRequired,
-				})
-				// Reset bit.
-				result &^= 1 << bitIdx
-			}
-		}
-	}
-	if len(failures) > 0 {
-		return &validate.Error{Fields: failures}
-	}
-
-	return nil
-}
-
-// MarshalJSON implements stdjson.Marshaler.
-func (s *Roles) MarshalJSON() ([]byte, error) {
-	e := jx.Encoder{}
-	s.Encode(&e)
-	return e.Bytes(), nil
-}
-
-// UnmarshalJSON implements stdjson.Unmarshaler.
-func (s *Roles) UnmarshalJSON(data []byte) error {
-	d := jx.DecodeBytes(data)
-	return s.Decode(d)
-}
-
 // Encode implements json.Marshaler.
 func (s *Script) Encode(e *jx.Encoder) {
 	e.ObjStart()
@@ -549,10 +339,6 @@ func (s *Script) encodeFields(e *jx.Encoder) {
 		e.FieldStart("ID")
 		e.Int64(s.ID)
 	}
-	{
-		e.FieldStart("Name")
-		e.Str(s.Name)
-	}
 	{
 		e.FieldStart("Hash")
 		e.Str(s.Hash)
@@ -562,22 +348,16 @@ func (s *Script) encodeFields(e *jx.Encoder) {
 		e.Str(s.Source)
 	}
 	{
-		e.FieldStart("ResourceType")
-		e.Int32(s.ResourceType)
-	}
-	{
-		e.FieldStart("ResourceID")
-		e.Int64(s.ResourceID)
+		e.FieldStart("SubmissionID")
+		e.Int64(s.SubmissionID)
 	}
 }

-var jsonFieldsNameOfScript = [6]string{
+var jsonFieldsNameOfScript = [4]string{
 	0: "ID",
-	1: "Name",
-	2: "Hash",
-	3: "Source",
-	4: "ResourceType",
-	5: "ResourceID",
+	1: "Hash",
+	2: "Source",
+	3: "SubmissionID",
 }

 // Decode decodes Script from json.
@@ -601,20 +381,8 @@ func (s *Script) Decode(d *jx.Decoder) error {
 			}(); err != nil {
 				return errors.Wrap(err, "decode field \"ID\"")
 			}
-		case "Name":
-			requiredBitSet[0] |= 1 << 1
-			if err := func() error {
-				v, err := d.Str()
-				s.Name = string(v)
-				if err != nil {
-					return err
-				}
-				return nil
-			}(); err != nil {
-				return errors.Wrap(err, "decode field \"Name\"")
-			}
 		case "Hash":
-			requiredBitSet[0] |= 1 << 2
+			requiredBitSet[0] |= 1 << 1
 			if err := func() error {
 				v, err := d.Str()
 				s.Hash = string(v)
@@ -626,7 +394,7 @@ func (s *Script) Decode(d *jx.Decoder) error {
 				return errors.Wrap(err, "decode field \"Hash\"")
 			}
 		case "Source":
-			requiredBitSet[0] |= 1 << 3
+			requiredBitSet[0] |= 1 << 2
 			if err := func() error {
 				v, err := d.Str()
 				s.Source = string(v)
@@ -637,29 +405,17 @@ func (s *Script) Decode(d *jx.Decoder) error {
 			}(); err != nil {
 				return errors.Wrap(err, "decode field \"Source\"")
 			}
-		case "ResourceType":
-			requiredBitSet[0] |= 1 << 4
-			if err := func() error {
-				v, err := d.Int32()
-				s.ResourceType = int32(v)
-				if err != nil {
-					return err
-				}
-				return nil
-			}(); err != nil {
-				return errors.Wrap(err, "decode field \"ResourceType\"")
-			}
-		case "ResourceID":
-			requiredBitSet[0] |= 1 << 5
+		case "SubmissionID":
+			requiredBitSet[0] |= 1 << 3
 			if err := func() error {
 				v, err := d.Int64()
-				s.ResourceID = int64(v)
+				s.SubmissionID = int64(v)
 				if err != nil {
 					return err
 				}
 				return nil
 			}(); err != nil {
-				return errors.Wrap(err, "decode field \"ResourceID\"")
+				return errors.Wrap(err, "decode field \"SubmissionID\"")
 			}
 		default:
 			return d.Skip()
@@ -671,7 +427,7 @@ func (s *Script) Decode(d *jx.Decoder) error {
 	// Validate required fields.
 	var failures []validate.FieldError
 	for i, mask := range [1]uint8{
-		0b00111111,
+		0b00001111,
 	} {
 		if result := (requiredBitSet[i] & mask) ^ mask; result != 0 {
 			// Mask only required fields and check equality to mask using XOR.
@@ -726,31 +482,21 @@ func (s *ScriptCreate) Encode(e *jx.Encoder) {

 // encodeFields encodes fields.
 func (s *ScriptCreate) encodeFields(e *jx.Encoder) {
-	{
-		e.FieldStart("Name")
-		e.Str(s.Name)
-	}
 	{
 		e.FieldStart("Source")
 		e.Str(s.Source)
 	}
 	{
-		e.FieldStart("ResourceType")
-		e.Int32(s.ResourceType)
-	}
-	{
-		if s.ResourceID.Set {
-			e.FieldStart("ResourceID")
-			s.ResourceID.Encode(e)
+		if s.SubmissionID.Set {
+			e.FieldStart("SubmissionID")
+			s.SubmissionID.Encode(e)
 		}
 	}
 }

-var jsonFieldsNameOfScriptCreate = [4]string{
-	0: "Name",
-	1: "Source",
-	2: "ResourceType",
-	3: "ResourceID",
+var jsonFieldsNameOfScriptCreate = [2]string{
+	0: "Source",
+	1: "SubmissionID",
 }

 // Decode decodes ScriptCreate from json.
@@ -762,20 +508,8 @@ func (s *ScriptCreate) Decode(d *jx.Decoder) error {

 	if err := d.ObjBytes(func(d *jx.Decoder, k []byte) error {
 		switch string(k) {
-		case "Name":
-			requiredBitSet[0] |= 1 << 0
-			if err := func() error {
-				v, err := d.Str()
-				s.Name = string(v)
-				if err != nil {
-					return err
-				}
-				return nil
-			}(); err != nil {
-				return errors.Wrap(err, "decode field \"Name\"")
-			}
 		case "Source":
-			requiredBitSet[0] |= 1 << 1
+			requiredBitSet[0] |= 1 << 0
 			if err := func() error {
 				v, err := d.Str()
 				s.Source = string(v)
@@ -786,27 +520,15 @@ func (s *ScriptCreate) Decode(d *jx.Decoder) error {
 			}(); err != nil {
 				return errors.Wrap(err, "decode field \"Source\"")
 			}
-		case "ResourceType":
-			requiredBitSet[0] |= 1 << 2
+		case "SubmissionID":
 			if err := func() error {
-				v, err := d.Int32()
-				s.ResourceType = int32(v)
-				if err != nil {
+				s.SubmissionID.Reset()
+				if err := s.SubmissionID.Decode(d); err != nil {
 					return err
 				}
 				return nil
 			}(); err != nil {
-				return errors.Wrap(err, "decode field \"ResourceType\"")
-			}
-		case "ResourceID":
-			if err := func() error {
-				s.ResourceID.Reset()
-				if err := s.ResourceID.Decode(d); err != nil {
-					return err
-				}
-				return nil
-			}(); err != nil {
-				return errors.Wrap(err, "decode field \"ResourceID\"")
+				return errors.Wrap(err, "decode field \"SubmissionID\"")
 			}
 		default:
 			return d.Skip()
@@ -818,7 +540,7 @@ func (s *ScriptCreate) Decode(d *jx.Decoder) error {
 	// Validate required fields.
 	var failures []validate.FieldError
 	for i, mask := range [1]uint8{
-		0b00000111,
+		0b00000001,
 	} {
 		if result := (requiredBitSet[i] & mask) ^ mask; result != 0 {
 			// Mask only required fields and check equality to mask using XOR.
@@ -1301,12 +1023,6 @@ func (s *ScriptUpdate) encodeFields(e *jx.Encoder) {
 		e.FieldStart("ID")
 		e.Int64(s.ID)
 	}
-	{
-		if s.Name.Set {
-			e.FieldStart("Name")
-			s.Name.Encode(e)
-		}
-	}
 	{
 		if s.Source.Set {
 			e.FieldStart("Source")
@@ -1314,25 +1030,17 @@ func (s *ScriptUpdate) encodeFields(e *jx.Encoder) {
 		}
 	}
 	{
-		if s.ResourceType.Set {
-			e.FieldStart("ResourceType")
-			s.ResourceType.Encode(e)
-		}
-	}
-	{
-		if s.ResourceID.Set {
-			e.FieldStart("ResourceID")
-			s.ResourceID.Encode(e)
+		if s.SubmissionID.Set {
+			e.FieldStart("SubmissionID")
+			s.SubmissionID.Encode(e)
 		}
 	}
 }

-var jsonFieldsNameOfScriptUpdate = [5]string{
+var jsonFieldsNameOfScriptUpdate = [3]string{
 	0: "ID",
-	1: "Name",
-	2: "Source",
-	3: "ResourceType",
-	4: "ResourceID",
+	1: "Source",
+	2: "SubmissionID",
 }

 // Decode decodes ScriptUpdate from json.
@@ -1356,16 +1064,6 @@ func (s *ScriptUpdate) Decode(d *jx.Decoder) error {
 			}(); err != nil {
 				return errors.Wrap(err, "decode field \"ID\"")
 			}
-		case "Name":
-			if err := func() error {
-				s.Name.Reset()
-				if err := s.Name.Decode(d); err != nil {
-					return err
-				}
-				return nil
-			}(); err != nil {
-				return errors.Wrap(err, "decode field \"Name\"")
-			}
 		case "Source":
 			if err := func() error {
 				s.Source.Reset()
@@ -1376,25 +1074,15 @@ func (s *ScriptUpdate) Decode(d *jx.Decoder) error {
 			}(); err != nil {
 				return errors.Wrap(err, "decode field \"Source\"")
 			}
-		case "ResourceType":
+		case "SubmissionID":
 			if err := func() error {
-				s.ResourceType.Reset()
-				if err := s.ResourceType.Decode(d); err != nil {
+				s.SubmissionID.Reset()
+				if err := s.SubmissionID.Decode(d); err != nil {
 					return err
 				}
 				return nil
 			}(); err != nil {
-				return errors.Wrap(err, "decode field \"ResourceType\"")
-			}
-		case "ResourceID":
-			if err := func() error {
-				s.ResourceID.Reset()
-				if err := s.ResourceID.Decode(d); err != nil {
-					return err
-				}
-				return nil
-			}(); err != nil {
-				return errors.Wrap(err, "decode field \"ResourceID\"")
+				return errors.Wrap(err, "decode field \"SubmissionID\"")
 			}
 		default:
 			return d.Skip()
@@ -1502,19 +1190,19 @@ func (s *Submission) encodeFields(e *jx.Encoder) {
 		e.Bool(s.Completed)
 	}
 	{
-		if s.UploadedAssetID.Set {
-			e.FieldStart("UploadedAssetID")
-			s.UploadedAssetID.Encode(e)
+		e.FieldStart("SubmissionType")
+		e.Int32(s.SubmissionType)
+	}
+	{
+		if s.TargetAssetID.Set {
+			e.FieldStart("TargetAssetID")
+			s.TargetAssetID.Encode(e)
 		}
 	}
 	{
 		e.FieldStart("StatusID")
 		e.Int32(s.StatusID)
 	}
-	{
-		e.FieldStart("StatusMessage")
-		e.Str(s.StatusMessage)
-	}
 }

 var jsonFieldsNameOfSubmission = [13]string{
@@ -1528,9 +1216,9 @@ var jsonFieldsNameOfSubmission = [13]string{
 	7:  "AssetID",
 	8:  "AssetVersion",
 	9:  "Completed",
-	10: "UploadedAssetID",
-	11: "StatusID",
-	12: "StatusMessage",
+	10: "SubmissionType",
+	11: "TargetAssetID",
+	12: "StatusID",
 }

 // Decode decodes Submission from json.
@@ -1662,18 +1350,30 @@ func (s *Submission) Decode(d *jx.Decoder) error {
 			}(); err != nil {
 				return errors.Wrap(err, "decode field \"Completed\"")
 			}
-		case "UploadedAssetID":
+		case "SubmissionType":
+			requiredBitSet[1] |= 1 << 2
 			if err := func() error {
-				s.UploadedAssetID.Reset()
-				if err := s.UploadedAssetID.Decode(d); err != nil {
+				v, err := d.Int32()
+				s.SubmissionType = int32(v)
+				if err != nil {
 					return err
 				}
 				return nil
 			}(); err != nil {
-				return errors.Wrap(err, "decode field \"UploadedAssetID\"")
+				return errors.Wrap(err, "decode field \"SubmissionType\"")
+			}
+		case "TargetAssetID":
+			if err := func() error {
+				s.TargetAssetID.Reset()
+				if err := s.TargetAssetID.Decode(d); err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return errors.Wrap(err, "decode field \"TargetAssetID\"")
 			}
 		case "StatusID":
-			requiredBitSet[1] |= 1 << 3
+			requiredBitSet[1] |= 1 << 4
 			if err := func() error {
 				v, err := d.Int32()
 				s.StatusID = int32(v)
@@ -1684,18 +1384,6 @@ func (s *Submission) Decode(d *jx.Decoder) error {
 			}(); err != nil {
 				return errors.Wrap(err, "decode field \"StatusID\"")
 			}
-		case "StatusMessage":
-			requiredBitSet[1] |= 1 << 4
-			if err := func() error {
-				v, err := d.Str()
-				s.StatusMessage = string(v)
-				if err != nil {
-					return err
-				}
-				return nil
-			}(); err != nil {
-				return errors.Wrap(err, "decode field \"StatusMessage\"")
-			}
 		default:
 			return d.Skip()
 		}
@@ -1707,7 +1395,7 @@ func (s *Submission) Decode(d *jx.Decoder) error {
 	var failures []validate.FieldError
 	for i, mask := range [2]uint8{
 		0b11111111,
-		0b00011011,
+		0b00010111,
 	} {
 		if result := (requiredBitSet[i] & mask) ^ mask; result != 0 {
 			// Mask only required fields and check equality to mask using XOR.
@@ -1782,14 +1470,21 @@ func (s *SubmissionCreate) encodeFields(e *jx.Encoder) {
 		e.FieldStart("AssetVersion")
 		e.Int64(s.AssetVersion)
 	}
+	{
+		if s.TargetAssetID.Set {
+			e.FieldStart("TargetAssetID")
+			s.TargetAssetID.Encode(e)
+		}
+	}
 }

-var jsonFieldsNameOfSubmissionCreate = [5]string{
+var jsonFieldsNameOfSubmissionCreate = [6]string{
 	0: "DisplayName",
 	1: "Creator",
 	2: "GameID",
 	3: "AssetID",
 	4: "AssetVersion",
+	5: "TargetAssetID",
 }

 // Decode decodes SubmissionCreate from json.
@@ -1861,6 +1556,16 @@ func (s *SubmissionCreate) Decode(d *jx.Decoder) error {
 			}(); err != nil {
 				return errors.Wrap(err, "decode field \"AssetVersion\"")
 			}
+		case "TargetAssetID":
+			if err := func() error {
+				s.TargetAssetID.Reset()
+				if err := s.TargetAssetID.Decode(d); err != nil {
+					return err
+				}
+				return nil
+			}(); err != nil {
+				return errors.Wrap(err, "decode field \"TargetAssetID\"")
+			}
 		default:
 			return d.Skip()
 		}
@@ -1916,133 +1621,3 @@ func (s *SubmissionCreate) UnmarshalJSON(data []byte) error {
 	d := jx.DecodeBytes(data)
 	return s.Decode(d)
 }
-
-// Encode implements json.Marshaler.
-func (s *User) Encode(e *jx.Encoder) {
-	e.ObjStart()
-	s.encodeFields(e)
-	e.ObjEnd()
-}
-
-// encodeFields encodes fields.
-func (s *User) encodeFields(e *jx.Encoder) {
-	{
-		e.FieldStart("UserID")
-		e.Int64(s.UserID)
-	}
-	{
-		e.FieldStart("Username")
-		e.Str(s.Username)
-	}
-	{
-		e.FieldStart("AvatarURL")
-		e.Str(s.AvatarURL)
-	}
-}
-
-var jsonFieldsNameOfUser = [3]string{
-	0: "UserID",
-	1: "Username",
-	2: "AvatarURL",
-}
-
-// Decode decodes User from json.
-func (s *User) Decode(d *jx.Decoder) error {
-	if s == nil {
-		return errors.New("invalid: unable to decode User to nil")
-	}
-	var requiredBitSet [1]uint8
-
-	if err := d.ObjBytes(func(d *jx.Decoder, k []byte) error {
-		switch string(k) {
-		case "UserID":
-			requiredBitSet[0] |= 1 << 0
-			if err := func() error {
-				v, err := d.Int64()
-				s.UserID = int64(v)
-				if err != nil {
-					return err
-				}
-				return nil
-			}(); err != nil {
-				return errors.Wrap(err, "decode field \"UserID\"")
-			}
-		case "Username":
-			requiredBitSet[0] |= 1 << 1
-			if err := func() error {
-				v, err := d.Str()
-				s.Username = string(v)
-				if err != nil {
-					return err
-				}
-				return nil
-			}(); err != nil {
-				return errors.Wrap(err, "decode field \"Username\"")
-			}
-		case "AvatarURL":
-			requiredBitSet[0] |= 1 << 2
-			if err := func() error {
-				v, err := d.Str()
-				s.AvatarURL = string(v)
-				if err != nil {
-					return err
-				}
-				return nil
-			}(); err != nil {
-				return errors.Wrap(err, "decode field \"AvatarURL\"")
-			}
-		default:
-			return d.Skip()
-		}
-		return nil
-	}); err != nil {
-		return errors.Wrap(err, "decode User")
-	}
-	// Validate required fields.
-	var failures []validate.FieldError
-	for i, mask := range [1]uint8{
-		0b00000111,
-	} {
-		if result := (requiredBitSet[i] & mask) ^ mask; result != 0 {
-			// Mask only required fields and check equality to mask using XOR.
-			//
-			// If XOR result is not zero, result is not equal to expected, so some fields are missed.
-			// Bits of fields which would be set are actually bits of missed fields.
-			missed := bits.OnesCount8(result)
-			for bitN := 0; bitN < missed; bitN++ {
-				bitIdx := bits.TrailingZeros8(result)
-				fieldIdx := i*8 + bitIdx
-				var name string
-				if fieldIdx < len(jsonFieldsNameOfUser) {
-					name = jsonFieldsNameOfUser[fieldIdx]
-				} else {
-					name = strconv.Itoa(fieldIdx)
-				}
-				failures = append(failures, validate.FieldError{
-					Name:  name,
-					Error: validate.ErrFieldRequired,
-				})
-				// Reset bit.
-				result &^= 1 << bitIdx
-			}
-		}
-	}
-	if len(failures) > 0 {
-		return &validate.Error{Fields: failures}
-	}
-
-	return nil
-}
-
-// MarshalJSON implements stdjson.Marshaler.
-func (s *User) MarshalJSON() ([]byte, error) {
-	e := jx.Encoder{}
-	s.Encode(&e)
-	return e.Bytes(), nil
-}
-
-// UnmarshalJSON implements stdjson.Unmarshaler.
-func (s *User) UnmarshalJSON(data []byte) error {
-	d := jx.DecodeBytes(data)
-	return s.Decode(d)
-}
--- a/pkg/api/oas_operations_gen.go
+++ b/pkg/api/oas_operations_gen.go
@@ -6,15 +6,14 @@ package api
 type OperationName = string

 const (
-	ActionSubmissionAcceptedOperation        OperationName = "ActionSubmissionAccepted"
+	ActionSubmissionPublishOperation         OperationName = "ActionSubmissionPublish"
 	ActionSubmissionRejectOperation          OperationName = "ActionSubmissionReject"
 	ActionSubmissionRequestChangesOperation  OperationName = "ActionSubmissionRequestChanges"
-	ActionSubmissionRetryValidateOperation   OperationName = "ActionSubmissionRetryValidate"
 	ActionSubmissionRevokeOperation          OperationName = "ActionSubmissionRevoke"
 	ActionSubmissionSubmitOperation          OperationName = "ActionSubmissionSubmit"
-	ActionSubmissionTriggerUploadOperation   OperationName = "ActionSubmissionTriggerUpload"
+	ActionSubmissionTriggerPublishOperation  OperationName = "ActionSubmissionTriggerPublish"
 	ActionSubmissionTriggerValidateOperation OperationName = "ActionSubmissionTriggerValidate"
-	ActionSubmissionValidatedOperation       OperationName = "ActionSubmissionValidated"
+	ActionSubmissionValidateOperation        OperationName = "ActionSubmissionValidate"
 	CreateScriptOperation                    OperationName = "CreateScript"
 	CreateScriptPolicyOperation              OperationName = "CreateScriptPolicy"
 	CreateSubmissionOperation                OperationName = "CreateSubmission"
@@ -22,14 +21,9 @@ const (
 	DeleteScriptPolicyOperation              OperationName = "DeleteScriptPolicy"
 	GetScriptOperation                       OperationName = "GetScript"
 	GetScriptPolicyOperation                 OperationName = "GetScriptPolicy"
+	GetScriptPolicyFromHashOperation         OperationName = "GetScriptPolicyFromHash"
 	GetSubmissionOperation                   OperationName = "GetSubmission"
-	ListScriptPolicyOperation                OperationName = "ListScriptPolicy"
-	ListScriptsOperation                     OperationName = "ListScripts"
 	ListSubmissionsOperation                 OperationName = "ListSubmissions"
-	ReleaseSubmissionsOperation              OperationName = "ReleaseSubmissions"
-	SessionRolesOperation                    OperationName = "SessionRoles"
-	SessionUserOperation                     OperationName = "SessionUser"
-	SessionValidateOperation                 OperationName = "SessionValidate"
 	SetSubmissionCompletedOperation          OperationName = "SetSubmissionCompleted"
 	UpdateScriptOperation                    OperationName = "UpdateScript"
 	UpdateScriptPolicyOperation              OperationName = "UpdateScriptPolicy"
--- a/pkg/api/oas_parameters_gen.go
+++ b/pkg/api/oas_parameters_gen.go
--- a/pkg/api/oas_request_decoders_gen.go
+++ b/pkg/api/oas_request_decoders_gen.go
@@ -220,93 +220,6 @@ func (s *Server) decodeCreateSubmissionRequest(r *http.Request) (
 	}
 }

-func (s *Server) decodeReleaseSubmissionsRequest(r *http.Request) (
-	req []ReleaseInfo,
-	close func() error,
-	rerr error,
-) {
-	var closers []func() error
-	close = func() error {
-		var merr error
-		// Close in reverse order, to match defer behavior.
-		for i := len(closers) - 1; i >= 0; i-- {
-			c := closers[i]
-			merr = multierr.Append(merr, c())
-		}
-		return merr
-	}
-	defer func() {
-		if rerr != nil {
-			rerr = multierr.Append(rerr, close())
-		}
-	}()
-	ct, _, err := mime.ParseMediaType(r.Header.Get("Content-Type"))
-	if err != nil {
-		return req, close, errors.Wrap(err, "parse media type")
-	}
-	switch {
-	case ct == "application/json":
-		if r.ContentLength == 0 {
-			return req, close, validate.ErrBodyRequired
-		}
-		buf, err := io.ReadAll(r.Body)
-		if err != nil {
-			return req, close, err
-		}
-
-		if len(buf) == 0 {
-			return req, close, validate.ErrBodyRequired
-		}
-
-		d := jx.DecodeBytes(buf)
-
-		var request []ReleaseInfo
-		if err := func() error {
-			request = make([]ReleaseInfo, 0)
-			if err := d.Arr(func(d *jx.Decoder) error {
-				var elem ReleaseInfo
-				if err := elem.Decode(d); err != nil {
-					return err
-				}
-				request = append(request, elem)
-				return nil
-			}); err != nil {
-				return err
-			}
-			if err := d.Skip(); err != io.EOF {
-				return errors.New("unexpected trailing data")
-			}
-			return nil
-		}(); err != nil {
-			err = &ogenerrors.DecodeBodyError{
-				ContentType: ct,
-				Body:        buf,
-				Err:         err,
-			}
-			return req, close, err
-		}
-		if err := func() error {
-			if request == nil {
-				return errors.New("nil is invalid value")
-			}
-			if err := (validate.Array{
-				MinLength:    1,
-				MinLengthSet: true,
-				MaxLength:    255,
-				MaxLengthSet: true,
-			}).ValidateLength(len(request)); err != nil {
-				return errors.Wrap(err, "array")
-			}
-			return nil
-		}(); err != nil {
-			return req, close, errors.Wrap(err, "validate")
-		}
-		return request, close, nil
-	default:
-		return req, close, validate.InvalidContentType(ct)
-	}
-}
-
 func (s *Server) decodeUpdateScriptRequest(r *http.Request) (
 	req *ScriptUpdate,
 	close func() error,
--- a/pkg/api/oas_request_encoders_gen.go
+++ b/pkg/api/oas_request_encoders_gen.go
@@ -53,24 +53,6 @@ func encodeCreateSubmissionRequest(
 	return nil
 }

-func encodeReleaseSubmissionsRequest(
-	req []ReleaseInfo,
-	r *http.Request,
-) error {
-	const contentType = "application/json"
-	e := new(jx.Encoder)
-	{
-		e.ArrStart()
-		for _, elem := range req {
-			elem.Encode(e)
-		}
-		e.ArrEnd()
-	}
-	encoded := e.Bytes()
-	ht.SetBody(r, bytes.NewReader(encoded), contentType)
-	return nil
-}
-
 func encodeUpdateScriptRequest(
 	req *ScriptUpdate,
 	r *http.Request,
--- a/pkg/api/oas_response_decoders_gen.go
+++ b/pkg/api/oas_response_decoders_gen.go
@@ -15,11 +15,11 @@ import (
 	"github.com/ogen-go/ogen/validate"
 )

-func decodeActionSubmissionAcceptedResponse(resp *http.Response) (res *ActionSubmissionAcceptedNoContent, _ error) {
+func decodeActionSubmissionPublishResponse(resp *http.Response) (res *ActionSubmissionPublishNoContent, _ error) {
 	switch resp.StatusCode {
 	case 204:
 		// Code 204.
-		return &ActionSubmissionAcceptedNoContent{}, nil
+		return &ActionSubmissionPublishNoContent{}, nil
 	}
 	// Convenient error response.
 	defRes, err := func() (res *ErrorStatusCode, err error) {
@@ -168,57 +168,6 @@ func decodeActionSubmissionRequestChangesResponse(resp *http.Response) (res *Act
 	return res, errors.Wrap(defRes, "error")
 }

-func decodeActionSubmissionRetryValidateResponse(resp *http.Response) (res *ActionSubmissionRetryValidateNoContent, _ error) {
-	switch resp.StatusCode {
-	case 204:
-		// Code 204.
-		return &ActionSubmissionRetryValidateNoContent{}, nil
-	}
-	// Convenient error response.
-	defRes, err := func() (res *ErrorStatusCode, err error) {
-		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
-		if err != nil {
-			return res, errors.Wrap(err, "parse media type")
-		}
-		switch {
-		case ct == "application/json":
-			buf, err := io.ReadAll(resp.Body)
-			if err != nil {
-				return res, err
-			}
-			d := jx.DecodeBytes(buf)
-
-			var response Error
-			if err := func() error {
-				if err := response.Decode(d); err != nil {
-					return err
-				}
-				if err := d.Skip(); err != io.EOF {
-					return errors.New("unexpected trailing data")
-				}
-				return nil
-			}(); err != nil {
-				err = &ogenerrors.DecodeBodyError{
-					ContentType: ct,
-					Body:        buf,
-					Err:         err,
-				}
-				return res, err
-			}
-			return &ErrorStatusCode{
-				StatusCode: resp.StatusCode,
-				Response:   response,
-			}, nil
-		default:
-			return res, validate.InvalidContentType(ct)
-		}
-	}()
-	if err != nil {
-		return res, errors.Wrapf(err, "default (code %d)", resp.StatusCode)
-	}
-	return res, errors.Wrap(defRes, "error")
-}
-
 func decodeActionSubmissionRevokeResponse(resp *http.Response) (res *ActionSubmissionRevokeNoContent, _ error) {
 	switch resp.StatusCode {
 	case 204:
@@ -321,11 +270,11 @@ func decodeActionSubmissionSubmitResponse(resp *http.Response) (res *ActionSubmi
 	return res, errors.Wrap(defRes, "error")
 }

-func decodeActionSubmissionTriggerUploadResponse(resp *http.Response) (res *ActionSubmissionTriggerUploadNoContent, _ error) {
+func decodeActionSubmissionTriggerPublishResponse(resp *http.Response) (res *ActionSubmissionTriggerPublishNoContent, _ error) {
 	switch resp.StatusCode {
 	case 204:
 		// Code 204.
-		return &ActionSubmissionTriggerUploadNoContent{}, nil
+		return &ActionSubmissionTriggerPublishNoContent{}, nil
 	}
 	// Convenient error response.
 	defRes, err := func() (res *ErrorStatusCode, err error) {
@@ -423,11 +372,11 @@ func decodeActionSubmissionTriggerValidateResponse(resp *http.Response) (res *Ac
 	return res, errors.Wrap(defRes, "error")
 }

-func decodeActionSubmissionValidatedResponse(resp *http.Response) (res *ActionSubmissionValidatedNoContent, _ error) {
+func decodeActionSubmissionValidateResponse(resp *http.Response) (res *ActionSubmissionValidateNoContent, _ error) {
 	switch resp.StatusCode {
 	case 204:
 		// Code 204.
-		return &ActionSubmissionValidatedNoContent{}, nil
+		return &ActionSubmissionValidateNoContent{}, nil
 	}
 	// Convenient error response.
 	defRes, err := func() (res *ErrorStatusCode, err error) {
@@ -1009,7 +958,7 @@ func decodeGetScriptPolicyResponse(resp *http.Response) (res *ScriptPolicy, _ er
 	return res, errors.Wrap(defRes, "error")
 }

-func decodeGetSubmissionResponse(resp *http.Response) (res *Submission, _ error) {
+func decodeGetScriptPolicyFromHashResponse(resp *http.Response) (res *ScriptPolicy, _ error) {
 	switch resp.StatusCode {
 	case 200:
 		// Code 200.
@@ -1025,7 +974,7 @@ func decodeGetSubmissionResponse(resp *http.Response) (res *Submission, _ error)
 			}
 			d := jx.DecodeBytes(buf)

-			var response Submission
+			var response ScriptPolicy
 			if err := func() error {
 				if err := response.Decode(d); err != nil {
 					return err
@@ -1101,7 +1050,7 @@ func decodeGetSubmissionResponse(resp *http.Response) (res *Submission, _ error)
 	return res, errors.Wrap(defRes, "error")
 }

-func decodeListScriptPolicyResponse(resp *http.Response) (res []ScriptPolicy, _ error) {
+func decodeGetSubmissionResponse(resp *http.Response) (res *Submission, _ error) {
 	switch resp.StatusCode {
 	case 200:
 		// Code 200.
@@ -1117,77 +1066,7 @@ func decodeListScriptPolicyResponse(resp *http.Response) (res []ScriptPolicy, _
 			}
 			d := jx.DecodeBytes(buf)

-			var response []ScriptPolicy
-			if err := func() error {
-				response = make([]ScriptPolicy, 0)
-				if err := d.Arr(func(d *jx.Decoder) error {
-					var elem ScriptPolicy
-					if err := elem.Decode(d); err != nil {
-						return err
-					}
-					response = append(response, elem)
-					return nil
-				}); err != nil {
-					return err
-				}
-				if err := d.Skip(); err != io.EOF {
-					return errors.New("unexpected trailing data")
-				}
-				return nil
-			}(); err != nil {
-				err = &ogenerrors.DecodeBodyError{
-					ContentType: ct,
-					Body:        buf,
-					Err:         err,
-				}
-				return res, err
-			}
-			// Validate response.
-			if err := func() error {
-				if response == nil {
-					return errors.New("nil is invalid value")
-				}
-				var failures []validate.FieldError
-				for i, elem := range response {
-					if err := func() error {
-						if err := elem.Validate(); err != nil {
-							return err
-						}
-						return nil
-					}(); err != nil {
-						failures = append(failures, validate.FieldError{
-							Name:  fmt.Sprintf("[%d]", i),
-							Error: err,
-						})
-					}
-				}
-				if len(failures) > 0 {
-					return &validate.Error{Fields: failures}
-				}
-				return nil
-			}(); err != nil {
-				return res, errors.Wrap(err, "validate")
-			}
-			return response, nil
-		default:
-			return res, validate.InvalidContentType(ct)
-		}
-	}
-	// Convenient error response.
-	defRes, err := func() (res *ErrorStatusCode, err error) {
-		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
-		if err != nil {
-			return res, errors.Wrap(err, "parse media type")
-		}
-		switch {
-		case ct == "application/json":
-			buf, err := io.ReadAll(resp.Body)
-			if err != nil {
-				return res, err
-			}
-			d := jx.DecodeBytes(buf)
-
-			var response Error
+			var response Submission
 			if err := func() error {
 				if err := response.Decode(d); err != nil {
 					return err
@@ -1204,88 +1083,16 @@ func decodeListScriptPolicyResponse(resp *http.Response) (res []ScriptPolicy, _
 				}
 				return res, err
 			}
-			return &ErrorStatusCode{
-				StatusCode: resp.StatusCode,
-				Response:   response,
-			}, nil
-		default:
-			return res, validate.InvalidContentType(ct)
-		}
-	}()
-	if err != nil {
-		return res, errors.Wrapf(err, "default (code %d)", resp.StatusCode)
-	}
-	return res, errors.Wrap(defRes, "error")
-}
-
-func decodeListScriptsResponse(resp *http.Response) (res []Script, _ error) {
-	switch resp.StatusCode {
-	case 200:
-		// Code 200.
-		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
-		if err != nil {
-			return res, errors.Wrap(err, "parse media type")
-		}
-		switch {
-		case ct == "application/json":
-			buf, err := io.ReadAll(resp.Body)
-			if err != nil {
-				return res, err
-			}
-			d := jx.DecodeBytes(buf)
-
-			var response []Script
-			if err := func() error {
-				response = make([]Script, 0)
-				if err := d.Arr(func(d *jx.Decoder) error {
-					var elem Script
-					if err := elem.Decode(d); err != nil {
-						return err
-					}
-					response = append(response, elem)
-					return nil
-				}); err != nil {
-					return err
-				}
-				if err := d.Skip(); err != io.EOF {
-					return errors.New("unexpected trailing data")
-				}
-				return nil
-			}(); err != nil {
-				err = &ogenerrors.DecodeBodyError{
-					ContentType: ct,
-					Body:        buf,
-					Err:         err,
-				}
-				return res, err
-			}
 			// Validate response.
 			if err := func() error {
-				if response == nil {
-					return errors.New("nil is invalid value")
-				}
-				var failures []validate.FieldError
-				for i, elem := range response {
-					if err := func() error {
-						if err := elem.Validate(); err != nil {
-							return err
-						}
-						return nil
-					}(); err != nil {
-						failures = append(failures, validate.FieldError{
-							Name:  fmt.Sprintf("[%d]", i),
-							Error: err,
-						})
-					}
-				}
-				if len(failures) > 0 {
-					return &validate.Error{Fields: failures}
+				if err := response.Validate(); err != nil {
+					return err
 				}
 				return nil
 			}(); err != nil {
 				return res, errors.Wrap(err, "validate")
 			}
-			return response, nil
+			return &response, nil
 		default:
 			return res, validate.InvalidContentType(ct)
 		}
@@ -1452,317 +1259,6 @@ func decodeListSubmissionsResponse(resp *http.Response) (res []Submission, _ err
 	return res, errors.Wrap(defRes, "error")
 }

-func decodeReleaseSubmissionsResponse(resp *http.Response) (res *ReleaseSubmissionsCreated, _ error) {
-	switch resp.StatusCode {
-	case 201:
-		// Code 201.
-		return &ReleaseSubmissionsCreated{}, nil
-	}
-	// Convenient error response.
-	defRes, err := func() (res *ErrorStatusCode, err error) {
-		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
-		if err != nil {
-			return res, errors.Wrap(err, "parse media type")
-		}
-		switch {
-		case ct == "application/json":
-			buf, err := io.ReadAll(resp.Body)
-			if err != nil {
-				return res, err
-			}
-			d := jx.DecodeBytes(buf)
-
-			var response Error
-			if err := func() error {
-				if err := response.Decode(d); err != nil {
-					return err
-				}
-				if err := d.Skip(); err != io.EOF {
-					return errors.New("unexpected trailing data")
-				}
-				return nil
-			}(); err != nil {
-				err = &ogenerrors.DecodeBodyError{
-					ContentType: ct,
-					Body:        buf,
-					Err:         err,
-				}
-				return res, err
-			}
-			return &ErrorStatusCode{
-				StatusCode: resp.StatusCode,
-				Response:   response,
-			}, nil
-		default:
-			return res, validate.InvalidContentType(ct)
-		}
-	}()
-	if err != nil {
-		return res, errors.Wrapf(err, "default (code %d)", resp.StatusCode)
-	}
-	return res, errors.Wrap(defRes, "error")
-}
-
-func decodeSessionRolesResponse(resp *http.Response) (res *Roles, _ error) {
-	switch resp.StatusCode {
-	case 200:
-		// Code 200.
-		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
-		if err != nil {
-			return res, errors.Wrap(err, "parse media type")
-		}
-		switch {
-		case ct == "application/json":
-			buf, err := io.ReadAll(resp.Body)
-			if err != nil {
-				return res, err
-			}
-			d := jx.DecodeBytes(buf)
-
-			var response Roles
-			if err := func() error {
-				if err := response.Decode(d); err != nil {
-					return err
-				}
-				if err := d.Skip(); err != io.EOF {
-					return errors.New("unexpected trailing data")
-				}
-				return nil
-			}(); err != nil {
-				err = &ogenerrors.DecodeBodyError{
-					ContentType: ct,
-					Body:        buf,
-					Err:         err,
-				}
-				return res, err
-			}
-			return &response, nil
-		default:
-			return res, validate.InvalidContentType(ct)
-		}
-	}
-	// Convenient error response.
-	defRes, err := func() (res *ErrorStatusCode, err error) {
-		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
-		if err != nil {
-			return res, errors.Wrap(err, "parse media type")
-		}
-		switch {
-		case ct == "application/json":
-			buf, err := io.ReadAll(resp.Body)
-			if err != nil {
-				return res, err
-			}
-			d := jx.DecodeBytes(buf)
-
-			var response Error
-			if err := func() error {
-				if err := response.Decode(d); err != nil {
-					return err
-				}
-				if err := d.Skip(); err != io.EOF {
-					return errors.New("unexpected trailing data")
-				}
-				return nil
-			}(); err != nil {
-				err = &ogenerrors.DecodeBodyError{
-					ContentType: ct,
-					Body:        buf,
-					Err:         err,
-				}
-				return res, err
-			}
-			return &ErrorStatusCode{
-				StatusCode: resp.StatusCode,
-				Response:   response,
-			}, nil
-		default:
-			return res, validate.InvalidContentType(ct)
-		}
-	}()
-	if err != nil {
-		return res, errors.Wrapf(err, "default (code %d)", resp.StatusCode)
-	}
-	return res, errors.Wrap(defRes, "error")
-}
-
-func decodeSessionUserResponse(resp *http.Response) (res *User, _ error) {
-	switch resp.StatusCode {
-	case 200:
-		// Code 200.
-		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
-		if err != nil {
-			return res, errors.Wrap(err, "parse media type")
-		}
-		switch {
-		case ct == "application/json":
-			buf, err := io.ReadAll(resp.Body)
-			if err != nil {
-				return res, err
-			}
-			d := jx.DecodeBytes(buf)
-
-			var response User
-			if err := func() error {
-				if err := response.Decode(d); err != nil {
-					return err
-				}
-				if err := d.Skip(); err != io.EOF {
-					return errors.New("unexpected trailing data")
-				}
-				return nil
-			}(); err != nil {
-				err = &ogenerrors.DecodeBodyError{
-					ContentType: ct,
-					Body:        buf,
-					Err:         err,
-				}
-				return res, err
-			}
-			// Validate response.
-			if err := func() error {
-				if err := response.Validate(); err != nil {
-					return err
-				}
-				return nil
-			}(); err != nil {
-				return res, errors.Wrap(err, "validate")
-			}
-			return &response, nil
-		default:
-			return res, validate.InvalidContentType(ct)
-		}
-	}
-	// Convenient error response.
-	defRes, err := func() (res *ErrorStatusCode, err error) {
-		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
-		if err != nil {
-			return res, errors.Wrap(err, "parse media type")
-		}
-		switch {
-		case ct == "application/json":
-			buf, err := io.ReadAll(resp.Body)
-			if err != nil {
-				return res, err
-			}
-			d := jx.DecodeBytes(buf)
-
-			var response Error
-			if err := func() error {
-				if err := response.Decode(d); err != nil {
-					return err
-				}
-				if err := d.Skip(); err != io.EOF {
-					return errors.New("unexpected trailing data")
-				}
-				return nil
-			}(); err != nil {
-				err = &ogenerrors.DecodeBodyError{
-					ContentType: ct,
-					Body:        buf,
-					Err:         err,
-				}
-				return res, err
-			}
-			return &ErrorStatusCode{
-				StatusCode: resp.StatusCode,
-				Response:   response,
-			}, nil
-		default:
-			return res, validate.InvalidContentType(ct)
-		}
-	}()
-	if err != nil {
-		return res, errors.Wrapf(err, "default (code %d)", resp.StatusCode)
-	}
-	return res, errors.Wrap(defRes, "error")
-}
-
-func decodeSessionValidateResponse(resp *http.Response) (res bool, _ error) {
-	switch resp.StatusCode {
-	case 200:
-		// Code 200.
-		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
-		if err != nil {
-			return res, errors.Wrap(err, "parse media type")
-		}
-		switch {
-		case ct == "application/json":
-			buf, err := io.ReadAll(resp.Body)
-			if err != nil {
-				return res, err
-			}
-			d := jx.DecodeBytes(buf)
-
-			var response bool
-			if err := func() error {
-				v, err := d.Bool()
-				response = bool(v)
-				if err != nil {
-					return err
-				}
-				if err := d.Skip(); err != io.EOF {
-					return errors.New("unexpected trailing data")
-				}
-				return nil
-			}(); err != nil {
-				err = &ogenerrors.DecodeBodyError{
-					ContentType: ct,
-					Body:        buf,
-					Err:         err,
-				}
-				return res, err
-			}
-			return response, nil
-		default:
-			return res, validate.InvalidContentType(ct)
-		}
-	}
-	// Convenient error response.
-	defRes, err := func() (res *ErrorStatusCode, err error) {
-		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
-		if err != nil {
-			return res, errors.Wrap(err, "parse media type")
-		}
-		switch {
-		case ct == "application/json":
-			buf, err := io.ReadAll(resp.Body)
-			if err != nil {
-				return res, err
-			}
-			d := jx.DecodeBytes(buf)
-
-			var response Error
-			if err := func() error {
-				if err := response.Decode(d); err != nil {
-					return err
-				}
-				if err := d.Skip(); err != io.EOF {
-					return errors.New("unexpected trailing data")
-				}
-				return nil
-			}(); err != nil {
-				err = &ogenerrors.DecodeBodyError{
-					ContentType: ct,
-					Body:        buf,
-					Err:         err,
-				}
-				return res, err
-			}
-			return &ErrorStatusCode{
-				StatusCode: resp.StatusCode,
-				Response:   response,
-			}, nil
-		default:
-			return res, validate.InvalidContentType(ct)
-		}
-	}()
-	if err != nil {
-		return res, errors.Wrapf(err, "default (code %d)", resp.StatusCode)
-	}
-	return res, errors.Wrap(defRes, "error")
-}
-
 func decodeSetSubmissionCompletedResponse(resp *http.Response) (res *SetSubmissionCompletedNoContent, _ error) {
 	switch resp.StatusCode {
 	case 204:
--- a/pkg/api/oas_response_encoders_gen.go
+++ b/pkg/api/oas_response_encoders_gen.go
@@ -13,7 +13,7 @@ import (
 	ht "github.com/ogen-go/ogen/http"
 )

-func encodeActionSubmissionAcceptedResponse(response *ActionSubmissionAcceptedNoContent, w http.ResponseWriter, span trace.Span) error {
+func encodeActionSubmissionPublishResponse(response *ActionSubmissionPublishNoContent, w http.ResponseWriter, span trace.Span) error {
 	w.WriteHeader(204)
 	span.SetStatus(codes.Ok, http.StatusText(204))

@@ -34,13 +34,6 @@ func encodeActionSubmissionRequestChangesResponse(response *ActionSubmissionRequ
 	return nil
 }

-func encodeActionSubmissionRetryValidateResponse(response *ActionSubmissionRetryValidateNoContent, w http.ResponseWriter, span trace.Span) error {
-	w.WriteHeader(204)
-	span.SetStatus(codes.Ok, http.StatusText(204))
-
-	return nil
-}
-
 func encodeActionSubmissionRevokeResponse(response *ActionSubmissionRevokeNoContent, w http.ResponseWriter, span trace.Span) error {
 	w.WriteHeader(204)
 	span.SetStatus(codes.Ok, http.StatusText(204))
@@ -55,7 +48,7 @@ func encodeActionSubmissionSubmitResponse(response *ActionSubmissionSubmitNoCont
 	return nil
 }

-func encodeActionSubmissionTriggerUploadResponse(response *ActionSubmissionTriggerUploadNoContent, w http.ResponseWriter, span trace.Span) error {
+func encodeActionSubmissionTriggerPublishResponse(response *ActionSubmissionTriggerPublishNoContent, w http.ResponseWriter, span trace.Span) error {
 	w.WriteHeader(204)
 	span.SetStatus(codes.Ok, http.StatusText(204))

@@ -69,7 +62,7 @@ func encodeActionSubmissionTriggerValidateResponse(response *ActionSubmissionTri
 	return nil
 }

-func encodeActionSubmissionValidatedResponse(response *ActionSubmissionValidatedNoContent, w http.ResponseWriter, span trace.Span) error {
+func encodeActionSubmissionValidateResponse(response *ActionSubmissionValidateNoContent, w http.ResponseWriter, span trace.Span) error {
 	w.WriteHeader(204)
 	span.SetStatus(codes.Ok, http.StatusText(204))

@@ -160,7 +153,7 @@ func encodeGetScriptPolicyResponse(response *ScriptPolicy, w http.ResponseWriter
 	return nil
 }

-func encodeGetSubmissionResponse(response *Submission, w http.ResponseWriter, span trace.Span) error {
+func encodeGetScriptPolicyFromHashResponse(response *ScriptPolicy, w http.ResponseWriter, span trace.Span) error {
 	w.Header().Set("Content-Type", "application/json; charset=utf-8")
 	w.WriteHeader(200)
 	span.SetStatus(codes.Ok, http.StatusText(200))
@@ -174,35 +167,13 @@ func encodeGetSubmissionResponse(response *Submission, w http.ResponseWriter, sp
 	return nil
 }

-func encodeListScriptPolicyResponse(response []ScriptPolicy, w http.ResponseWriter, span trace.Span) error {
+func encodeGetSubmissionResponse(response *Submission, w http.ResponseWriter, span trace.Span) error {
 	w.Header().Set("Content-Type", "application/json; charset=utf-8")
 	w.WriteHeader(200)
 	span.SetStatus(codes.Ok, http.StatusText(200))

 	e := new(jx.Encoder)
-	e.ArrStart()
-	for _, elem := range response {
-		elem.Encode(e)
-	}
-	e.ArrEnd()
-	if _, err := e.WriteTo(w); err != nil {
-		return errors.Wrap(err, "write")
-	}
-
-	return nil
-}
-
-func encodeListScriptsResponse(response []Script, w http.ResponseWriter, span trace.Span) error {
-	w.Header().Set("Content-Type", "application/json; charset=utf-8")
-	w.WriteHeader(200)
-	span.SetStatus(codes.Ok, http.StatusText(200))
-
-	e := new(jx.Encoder)
-	e.ArrStart()
-	for _, elem := range response {
-		elem.Encode(e)
-	}
-	e.ArrEnd()
+	response.Encode(e)
 	if _, err := e.WriteTo(w); err != nil {
 		return errors.Wrap(err, "write")
 	}
@@ -228,55 +199,6 @@ func encodeListSubmissionsResponse(response []Submission, w http.ResponseWriter,
 	return nil
 }

-func encodeReleaseSubmissionsResponse(response *ReleaseSubmissionsCreated, w http.ResponseWriter, span trace.Span) error {
-	w.WriteHeader(201)
-	span.SetStatus(codes.Ok, http.StatusText(201))
-
-	return nil
-}
-
-func encodeSessionRolesResponse(response *Roles, w http.ResponseWriter, span trace.Span) error {
-	w.Header().Set("Content-Type", "application/json; charset=utf-8")
-	w.WriteHeader(200)
-	span.SetStatus(codes.Ok, http.StatusText(200))
-
-	e := new(jx.Encoder)
-	response.Encode(e)
-	if _, err := e.WriteTo(w); err != nil {
-		return errors.Wrap(err, "write")
-	}
-
-	return nil
-}
-
-func encodeSessionUserResponse(response *User, w http.ResponseWriter, span trace.Span) error {
-	w.Header().Set("Content-Type", "application/json; charset=utf-8")
-	w.WriteHeader(200)
-	span.SetStatus(codes.Ok, http.StatusText(200))
-
-	e := new(jx.Encoder)
-	response.Encode(e)
-	if _, err := e.WriteTo(w); err != nil {
-		return errors.Wrap(err, "write")
-	}
-
-	return nil
-}
-
-func encodeSessionValidateResponse(response bool, w http.ResponseWriter, span trace.Span) error {
-	w.Header().Set("Content-Type", "application/json; charset=utf-8")
-	w.WriteHeader(200)
-	span.SetStatus(codes.Ok, http.StatusText(200))
-
-	e := new(jx.Encoder)
-	e.Bool(response)
-	if _, err := e.WriteTo(w); err != nil {
-		return errors.Wrap(err, "write")
-	}
-
-	return nil
-}
-
 func encodeSetSubmissionCompletedResponse(response *SetSubmissionCompletedNoContent, w http.ResponseWriter, span trace.Span) error {
 	w.WriteHeader(204)
 	span.SetStatus(codes.Ok, http.StatusText(204))
--- a/pkg/api/oas_router_gen.go
+++ b/pkg/api/oas_router_gen.go
--- a/pkg/api/oas_schemas_gen.go
+++ b/pkg/api/oas_schemas_gen.go
@@ -4,15 +4,14 @@ package api

 import (
 	"fmt"
-	"time"
 )

 func (s *ErrorStatusCode) Error() string {
 	return fmt.Sprintf("code %d: %+v", s.StatusCode, s.Response)
 }

-// ActionSubmissionAcceptedNoContent is response for ActionSubmissionAccepted operation.
-type ActionSubmissionAcceptedNoContent struct{}
+// ActionSubmissionPublishNoContent is response for ActionSubmissionPublish operation.
+type ActionSubmissionPublishNoContent struct{}

 // ActionSubmissionRejectNoContent is response for ActionSubmissionReject operation.
 type ActionSubmissionRejectNoContent struct{}
@@ -20,23 +19,20 @@ type ActionSubmissionRejectNoContent struct{}
 // ActionSubmissionRequestChangesNoContent is response for ActionSubmissionRequestChanges operation.
 type ActionSubmissionRequestChangesNoContent struct{}

-// ActionSubmissionRetryValidateNoContent is response for ActionSubmissionRetryValidate operation.
-type ActionSubmissionRetryValidateNoContent struct{}
-
 // ActionSubmissionRevokeNoContent is response for ActionSubmissionRevoke operation.
 type ActionSubmissionRevokeNoContent struct{}

 // ActionSubmissionSubmitNoContent is response for ActionSubmissionSubmit operation.
 type ActionSubmissionSubmitNoContent struct{}

-// ActionSubmissionTriggerUploadNoContent is response for ActionSubmissionTriggerUpload operation.
-type ActionSubmissionTriggerUploadNoContent struct{}
+// ActionSubmissionTriggerPublishNoContent is response for ActionSubmissionTriggerPublish operation.
+type ActionSubmissionTriggerPublishNoContent struct{}

 // ActionSubmissionTriggerValidateNoContent is response for ActionSubmissionTriggerValidate operation.
 type ActionSubmissionTriggerValidateNoContent struct{}

-// ActionSubmissionValidatedNoContent is response for ActionSubmissionValidated operation.
-type ActionSubmissionValidatedNoContent struct{}
+// ActionSubmissionValidateNoContent is response for ActionSubmissionValidate operation.
+type ActionSubmissionValidateNoContent struct{}

 type CookieAuth struct {
 	APIKey string
@@ -264,58 +260,84 @@ func (o OptString) Or(d string) string {
 	return d
 }

-// Ref: #/components/schemas/ReleaseInfo
-type ReleaseInfo struct {
-	SubmissionID int64     `json:"SubmissionID"`
-	Date         time.Time `json:"Date"`
+// NewOptSubmissionFilter returns new OptSubmissionFilter with value set to v.
+func NewOptSubmissionFilter(v SubmissionFilter) OptSubmissionFilter {
+	return OptSubmissionFilter{
+		Value: v,
+		Set:   true,
+	}
 }

-// GetSubmissionID returns the value of SubmissionID.
-func (s *ReleaseInfo) GetSubmissionID() int64 {
-	return s.SubmissionID
+// OptSubmissionFilter is optional SubmissionFilter.
+type OptSubmissionFilter struct {
+	Value SubmissionFilter
+	Set   bool
 }

-// GetDate returns the value of Date.
-func (s *ReleaseInfo) GetDate() time.Time {
-	return s.Date
+// IsSet returns true if OptSubmissionFilter was set.
+func (o OptSubmissionFilter) IsSet() bool { return o.Set }
+
+// Reset unsets value.
+func (o *OptSubmissionFilter) Reset() {
+	var v SubmissionFilter
+	o.Value = v
+	o.Set = false
 }

-// SetSubmissionID sets the value of SubmissionID.
-func (s *ReleaseInfo) SetSubmissionID(val int64) {
-	s.SubmissionID = val
+// SetTo sets value to v.
+func (o *OptSubmissionFilter) SetTo(v SubmissionFilter) {
+	o.Set = true
+	o.Value = v
 }

-// SetDate sets the value of Date.
-func (s *ReleaseInfo) SetDate(val time.Time) {
-	s.Date = val
+// Get returns value and boolean that denotes whether value was set.
+func (o OptSubmissionFilter) Get() (v SubmissionFilter, ok bool) {
+	if !o.Set {
+		return v, false
+	}
+	return o.Value, true
 }

-// ReleaseSubmissionsCreated is response for ReleaseSubmissions operation.
-type ReleaseSubmissionsCreated struct{}
-
-// Ref: #/components/schemas/Roles
-type Roles struct {
-	Roles int32 `json:"Roles"`
+// Or returns value if set, or given parameter if does not.
+func (o OptSubmissionFilter) Or(d SubmissionFilter) SubmissionFilter {
+	if v, ok := o.Get(); ok {
+		return v
+	}
+	return d
 }

-// GetRoles returns the value of Roles.
-func (s *Roles) GetRoles() int32 {
-	return s.Roles
+// Ref: #/components/schemas/Pagination
+type Pagination struct {
+	Page  int32 `json:"Page"`
+	Limit int32 `json:"Limit"`
 }

-// SetRoles sets the value of Roles.
-func (s *Roles) SetRoles(val int32) {
-	s.Roles = val
+// GetPage returns the value of Page.
+func (s *Pagination) GetPage() int32 {
+	return s.Page
+}
+
+// GetLimit returns the value of Limit.
+func (s *Pagination) GetLimit() int32 {
+	return s.Limit
+}
+
+// SetPage sets the value of Page.
+func (s *Pagination) SetPage(val int32) {
+	s.Page = val
+}
+
+// SetLimit sets the value of Limit.
+func (s *Pagination) SetLimit(val int32) {
+	s.Limit = val
 }

 // Ref: #/components/schemas/Script
 type Script struct {
 	ID           int64  `json:"ID"`
-	Name         string `json:"Name"`
 	Hash         string `json:"Hash"`
 	Source       string `json:"Source"`
-	ResourceType int32  `json:"ResourceType"`
-	ResourceID   int64  `json:"ResourceID"`
+	SubmissionID int64  `json:"SubmissionID"`
 }

 // GetID returns the value of ID.
@@ -323,11 +345,6 @@ func (s *Script) GetID() int64 {
 	return s.ID
 }

-// GetName returns the value of Name.
-func (s *Script) GetName() string {
-	return s.Name
-}
-
 // GetHash returns the value of Hash.
 func (s *Script) GetHash() string {
 	return s.Hash
@@ -338,14 +355,9 @@ func (s *Script) GetSource() string {
 	return s.Source
 }

-// GetResourceType returns the value of ResourceType.
-func (s *Script) GetResourceType() int32 {
-	return s.ResourceType
-}
-
-// GetResourceID returns the value of ResourceID.
-func (s *Script) GetResourceID() int64 {
-	return s.ResourceID
+// GetSubmissionID returns the value of SubmissionID.
+func (s *Script) GetSubmissionID() int64 {
+	return s.SubmissionID
 }

 // SetID sets the value of ID.
@@ -353,11 +365,6 @@ func (s *Script) SetID(val int64) {
 	s.ID = val
 }

-// SetName sets the value of Name.
-func (s *Script) SetName(val string) {
-	s.Name = val
-}
-
 // SetHash sets the value of Hash.
 func (s *Script) SetHash(val string) {
 	s.Hash = val
@@ -368,27 +375,15 @@ func (s *Script) SetSource(val string) {
 	s.Source = val
 }

-// SetResourceType sets the value of ResourceType.
-func (s *Script) SetResourceType(val int32) {
-	s.ResourceType = val
-}
-
-// SetResourceID sets the value of ResourceID.
-func (s *Script) SetResourceID(val int64) {
-	s.ResourceID = val
+// SetSubmissionID sets the value of SubmissionID.
+func (s *Script) SetSubmissionID(val int64) {
+	s.SubmissionID = val
 }

 // Ref: #/components/schemas/ScriptCreate
 type ScriptCreate struct {
-	Name         string   `json:"Name"`
 	Source       string   `json:"Source"`
-	ResourceType int32    `json:"ResourceType"`
-	ResourceID   OptInt64 `json:"ResourceID"`
-}
-
-// GetName returns the value of Name.
-func (s *ScriptCreate) GetName() string {
-	return s.Name
+	SubmissionID OptInt64 `json:"SubmissionID"`
 }

 // GetSource returns the value of Source.
@@ -396,19 +391,9 @@ func (s *ScriptCreate) GetSource() string {
 	return s.Source
 }

-// GetResourceType returns the value of ResourceType.
-func (s *ScriptCreate) GetResourceType() int32 {
-	return s.ResourceType
-}
-
-// GetResourceID returns the value of ResourceID.
-func (s *ScriptCreate) GetResourceID() OptInt64 {
-	return s.ResourceID
-}
-
-// SetName sets the value of Name.
-func (s *ScriptCreate) SetName(val string) {
-	s.Name = val
+// GetSubmissionID returns the value of SubmissionID.
+func (s *ScriptCreate) GetSubmissionID() OptInt64 {
+	return s.SubmissionID
 }

 // SetSource sets the value of Source.
@@ -416,14 +401,9 @@ func (s *ScriptCreate) SetSource(val string) {
 	s.Source = val
 }

-// SetResourceType sets the value of ResourceType.
-func (s *ScriptCreate) SetResourceType(val int32) {
-	s.ResourceType = val
-}
-
-// SetResourceID sets the value of ResourceID.
-func (s *ScriptCreate) SetResourceID(val OptInt64) {
-	s.ResourceID = val
+// SetSubmissionID sets the value of SubmissionID.
+func (s *ScriptCreate) SetSubmissionID(val OptInt64) {
+	s.SubmissionID = val
 }

 // Ref: #/components/schemas/ScriptPolicy
@@ -562,10 +542,8 @@ func (s *ScriptPolicyUpdate) SetPolicy(val OptInt32) {
 // Ref: #/components/schemas/ScriptUpdate
 type ScriptUpdate struct {
 	ID           int64     `json:"ID"`
-	Name         OptString `json:"Name"`
 	Source       OptString `json:"Source"`
-	ResourceType OptInt32  `json:"ResourceType"`
-	ResourceID   OptInt64  `json:"ResourceID"`
+	SubmissionID OptInt64  `json:"SubmissionID"`
 }

 // GetID returns the value of ID.
@@ -573,24 +551,14 @@ func (s *ScriptUpdate) GetID() int64 {
 	return s.ID
 }

-// GetName returns the value of Name.
-func (s *ScriptUpdate) GetName() OptString {
-	return s.Name
-}
-
 // GetSource returns the value of Source.
 func (s *ScriptUpdate) GetSource() OptString {
 	return s.Source
 }

-// GetResourceType returns the value of ResourceType.
-func (s *ScriptUpdate) GetResourceType() OptInt32 {
-	return s.ResourceType
-}
-
-// GetResourceID returns the value of ResourceID.
-func (s *ScriptUpdate) GetResourceID() OptInt64 {
-	return s.ResourceID
+// GetSubmissionID returns the value of SubmissionID.
+func (s *ScriptUpdate) GetSubmissionID() OptInt64 {
+	return s.SubmissionID
 }

 // SetID sets the value of ID.
@@ -598,24 +566,14 @@ func (s *ScriptUpdate) SetID(val int64) {
 	s.ID = val
 }

-// SetName sets the value of Name.
-func (s *ScriptUpdate) SetName(val OptString) {
-	s.Name = val
-}
-
 // SetSource sets the value of Source.
 func (s *ScriptUpdate) SetSource(val OptString) {
 	s.Source = val
 }

-// SetResourceType sets the value of ResourceType.
-func (s *ScriptUpdate) SetResourceType(val OptInt32) {
-	s.ResourceType = val
-}
-
-// SetResourceID sets the value of ResourceID.
-func (s *ScriptUpdate) SetResourceID(val OptInt64) {
-	s.ResourceID = val
+// SetSubmissionID sets the value of SubmissionID.
+func (s *ScriptUpdate) SetSubmissionID(val OptInt64) {
+	s.SubmissionID = val
 }

 // SetSubmissionCompletedNoContent is response for SetSubmissionCompleted operation.
@@ -623,19 +581,19 @@ type SetSubmissionCompletedNoContent struct{}

 // Ref: #/components/schemas/Submission
 type Submission struct {
-	ID              int64    `json:"ID"`
-	DisplayName     string   `json:"DisplayName"`
-	Creator         string   `json:"Creator"`
-	GameID          int32    `json:"GameID"`
-	CreatedAt       int64    `json:"CreatedAt"`
-	UpdatedAt       int64    `json:"UpdatedAt"`
-	Submitter       int64    `json:"Submitter"`
-	AssetID         int64    `json:"AssetID"`
-	AssetVersion    int64    `json:"AssetVersion"`
-	Completed       bool     `json:"Completed"`
-	UploadedAssetID OptInt64 `json:"UploadedAssetID"`
-	StatusID        int32    `json:"StatusID"`
-	StatusMessage   string   `json:"StatusMessage"`
+	ID             int64    `json:"ID"`
+	DisplayName    string   `json:"DisplayName"`
+	Creator        string   `json:"Creator"`
+	GameID         int32    `json:"GameID"`
+	CreatedAt      int64    `json:"CreatedAt"`
+	UpdatedAt      int64    `json:"UpdatedAt"`
+	Submitter      int64    `json:"Submitter"`
+	AssetID        int64    `json:"AssetID"`
+	AssetVersion   int64    `json:"AssetVersion"`
+	Completed      bool     `json:"Completed"`
+	SubmissionType int32    `json:"SubmissionType"`
+	TargetAssetID  OptInt64 `json:"TargetAssetID"`
+	StatusID       int32    `json:"StatusID"`
 }

 // GetID returns the value of ID.
@@ -688,9 +646,14 @@ func (s *Submission) GetCompleted() bool {
 	return s.Completed
 }

-// GetUploadedAssetID returns the value of UploadedAssetID.
-func (s *Submission) GetUploadedAssetID() OptInt64 {
-	return s.UploadedAssetID
+// GetSubmissionType returns the value of SubmissionType.
+func (s *Submission) GetSubmissionType() int32 {
+	return s.SubmissionType
+}
+
+// GetTargetAssetID returns the value of TargetAssetID.
+func (s *Submission) GetTargetAssetID() OptInt64 {
+	return s.TargetAssetID
 }

 // GetStatusID returns the value of StatusID.
@@ -698,11 +661,6 @@ func (s *Submission) GetStatusID() int32 {
 	return s.StatusID
 }

-// GetStatusMessage returns the value of StatusMessage.
-func (s *Submission) GetStatusMessage() string {
-	return s.StatusMessage
-}
-
 // SetID sets the value of ID.
 func (s *Submission) SetID(val int64) {
 	s.ID = val
@@ -753,9 +711,14 @@ func (s *Submission) SetCompleted(val bool) {
 	s.Completed = val
 }

-// SetUploadedAssetID sets the value of UploadedAssetID.
-func (s *Submission) SetUploadedAssetID(val OptInt64) {
-	s.UploadedAssetID = val
+// SetSubmissionType sets the value of SubmissionType.
+func (s *Submission) SetSubmissionType(val int32) {
+	s.SubmissionType = val
+}
+
+// SetTargetAssetID sets the value of TargetAssetID.
+func (s *Submission) SetTargetAssetID(val OptInt64) {
+	s.TargetAssetID = val
 }

 // SetStatusID sets the value of StatusID.
@@ -763,18 +726,14 @@ func (s *Submission) SetStatusID(val int32) {
 	s.StatusID = val
 }

-// SetStatusMessage sets the value of StatusMessage.
-func (s *Submission) SetStatusMessage(val string) {
-	s.StatusMessage = val
-}
-
 // Ref: #/components/schemas/SubmissionCreate
 type SubmissionCreate struct {
-	DisplayName  string `json:"DisplayName"`
-	Creator      string `json:"Creator"`
-	GameID       int32  `json:"GameID"`
-	AssetID      int64  `json:"AssetID"`
-	AssetVersion int64  `json:"AssetVersion"`
+	DisplayName   string   `json:"DisplayName"`
+	Creator       string   `json:"Creator"`
+	GameID        int32    `json:"GameID"`
+	AssetID       int64    `json:"AssetID"`
+	AssetVersion  int64    `json:"AssetVersion"`
+	TargetAssetID OptInt64 `json:"TargetAssetID"`
 }

 // GetDisplayName returns the value of DisplayName.
@@ -802,6 +761,11 @@ func (s *SubmissionCreate) GetAssetVersion() int64 {
 	return s.AssetVersion
 }

+// GetTargetAssetID returns the value of TargetAssetID.
+func (s *SubmissionCreate) GetTargetAssetID() OptInt64 {
+	return s.TargetAssetID
+}
+
 // SetDisplayName sets the value of DisplayName.
 func (s *SubmissionCreate) SetDisplayName(val string) {
 	s.DisplayName = val
@@ -827,6 +791,59 @@ func (s *SubmissionCreate) SetAssetVersion(val int64) {
 	s.AssetVersion = val
 }

+// SetTargetAssetID sets the value of TargetAssetID.
+func (s *SubmissionCreate) SetTargetAssetID(val OptInt64) {
+	s.TargetAssetID = val
+}
+
+// Ref: #/components/schemas/SubmissionFilter
+type SubmissionFilter struct {
+	ID          int64     `json:"ID"`
+	DisplayName OptString `json:"DisplayName"`
+	Creator     OptString `json:"Creator"`
+	GameID      OptInt32  `json:"GameID"`
+}
+
+// GetID returns the value of ID.
+func (s *SubmissionFilter) GetID() int64 {
+	return s.ID
+}
+
+// GetDisplayName returns the value of DisplayName.
+func (s *SubmissionFilter) GetDisplayName() OptString {
+	return s.DisplayName
+}
+
+// GetCreator returns the value of Creator.
+func (s *SubmissionFilter) GetCreator() OptString {
+	return s.Creator
+}
+
+// GetGameID returns the value of GameID.
+func (s *SubmissionFilter) GetGameID() OptInt32 {
+	return s.GameID
+}
+
+// SetID sets the value of ID.
+func (s *SubmissionFilter) SetID(val int64) {
+	s.ID = val
+}
+
+// SetDisplayName sets the value of DisplayName.
+func (s *SubmissionFilter) SetDisplayName(val OptString) {
+	s.DisplayName = val
+}
+
+// SetCreator sets the value of Creator.
+func (s *SubmissionFilter) SetCreator(val OptString) {
+	s.Creator = val
+}
+
+// SetGameID sets the value of GameID.
+func (s *SubmissionFilter) SetGameID(val OptInt32) {
+	s.GameID = val
+}
+
 // UpdateScriptNoContent is response for UpdateScript operation.
 type UpdateScriptNoContent struct{}

@@ -835,40 +852,3 @@ type UpdateScriptPolicyNoContent struct{}

 // UpdateSubmissionModelNoContent is response for UpdateSubmissionModel operation.
 type UpdateSubmissionModelNoContent struct{}
-
-// Ref: #/components/schemas/User
-type User struct {
-	UserID    int64  `json:"UserID"`
-	Username  string `json:"Username"`
-	AvatarURL string `json:"AvatarURL"`
-}
-
-// GetUserID returns the value of UserID.
-func (s *User) GetUserID() int64 {
-	return s.UserID
-}
-
-// GetUsername returns the value of Username.
-func (s *User) GetUsername() string {
-	return s.Username
-}
-
-// GetAvatarURL returns the value of AvatarURL.
-func (s *User) GetAvatarURL() string {
-	return s.AvatarURL
-}
-
-// SetUserID sets the value of UserID.
-func (s *User) SetUserID(val int64) {
-	s.UserID = val
-}
-
-// SetUsername sets the value of Username.
-func (s *User) SetUsername(val string) {
-	s.Username = val
-}
-
-// SetAvatarURL sets the value of AvatarURL.
-func (s *User) SetAvatarURL(val string) {
-	s.AvatarURL = val
-}
--- a/pkg/api/oas_server_gen.go
+++ b/pkg/api/oas_server_gen.go
@@ -8,12 +8,12 @@ import (

 // Handler handles operations described by OpenAPI v3 specification.
 type Handler interface {
-	// ActionSubmissionAccepted implements actionSubmissionAccepted operation.
+	// ActionSubmissionPublish implements actionSubmissionPublish operation.
 	//
-	// Role Reviewer manually resets validating softlock and changes status from Validating -> Accepted.
+	// (Internal endpoint) Role Validator changes status from Publishing -> Published.
 	//
-	// POST /submissions/{SubmissionID}/status/reset-validating
-	ActionSubmissionAccepted(ctx context.Context, params ActionSubmissionAcceptedParams) error
+	// POST /submissions/{SubmissionID}/status/validator-published
+	ActionSubmissionPublish(ctx context.Context, params ActionSubmissionPublishParams) error
 	// ActionSubmissionReject implements actionSubmissionReject operation.
 	//
 	// Role Reviewer changes status from Submitted -> Rejected.
@@ -26,12 +26,6 @@ type Handler interface {
 	//
 	// POST /submissions/{SubmissionID}/status/request-changes
 	ActionSubmissionRequestChanges(ctx context.Context, params ActionSubmissionRequestChangesParams) error
-	// ActionSubmissionRetryValidate implements actionSubmissionRetryValidate operation.
-	//
-	// Role Reviewer re-runs validation and changes status from Accepted -> Validating.
-	//
-	// POST /submissions/{SubmissionID}/status/retry-validate
-	ActionSubmissionRetryValidate(ctx context.Context, params ActionSubmissionRetryValidateParams) error
 	// ActionSubmissionRevoke implements actionSubmissionRevoke operation.
 	//
 	// Role Submitter changes status from Submitted|ChangesRequested -> UnderConstruction.
@@ -44,24 +38,24 @@ type Handler interface {
 	//
 	// POST /submissions/{SubmissionID}/status/submit
 	ActionSubmissionSubmit(ctx context.Context, params ActionSubmissionSubmitParams) error
-	// ActionSubmissionTriggerUpload implements actionSubmissionTriggerUpload operation.
+	// ActionSubmissionTriggerPublish implements actionSubmissionTriggerPublish operation.
 	//
-	// Role Admin changes status from Validated -> Uploading.
+	// Role Admin changes status from Validated -> Publishing.
 	//
-	// POST /submissions/{SubmissionID}/status/trigger-upload
-	ActionSubmissionTriggerUpload(ctx context.Context, params ActionSubmissionTriggerUploadParams) error
+	// POST /submissions/{SubmissionID}/status/trigger-publish
+	ActionSubmissionTriggerPublish(ctx context.Context, params ActionSubmissionTriggerPublishParams) error
 	// ActionSubmissionTriggerValidate implements actionSubmissionTriggerValidate operation.
 	//
-	// Role Reviewer triggers validation and changes status from Submitted -> Validating.
+	// Role Reviewer triggers validation and changes status from Submitted|Accepted -> Validating.
 	//
 	// POST /submissions/{SubmissionID}/status/trigger-validate
 	ActionSubmissionTriggerValidate(ctx context.Context, params ActionSubmissionTriggerValidateParams) error
-	// ActionSubmissionValidated implements actionSubmissionValidated operation.
+	// ActionSubmissionValidate implements actionSubmissionValidate operation.
 	//
-	// Role Admin manually resets uploading softlock and changes status from Uploading -> Validated.
+	// (Internal endpoint) Role Validator changes status from Validating -> Validated.
 	//
-	// POST /submissions/{SubmissionID}/status/reset-uploading
-	ActionSubmissionValidated(ctx context.Context, params ActionSubmissionValidatedParams) error
+	// POST /submissions/{SubmissionID}/status/validator-validated
+	ActionSubmissionValidate(ctx context.Context, params ActionSubmissionValidateParams) error
 	// CreateScript implements createScript operation.
 	//
 	// Create a new script.
@@ -90,7 +84,7 @@ type Handler interface {
 	//
 	// Delete the specified script policy by ID.
 	//
-	// DELETE /script-policy/{ScriptPolicyID}
+	// DELETE /script-policy/id/{ScriptPolicyID}
 	DeleteScriptPolicy(ctx context.Context, params DeleteScriptPolicyParams) error
 	// GetScript implements getScript operation.
 	//
@@ -102,59 +96,29 @@ type Handler interface {
 	//
 	// Get the specified script policy by ID.
 	//
-	// GET /script-policy/{ScriptPolicyID}
+	// GET /script-policy/id/{ScriptPolicyID}
 	GetScriptPolicy(ctx context.Context, params GetScriptPolicyParams) (*ScriptPolicy, error)
+	// GetScriptPolicyFromHash implements getScriptPolicyFromHash operation.
+	//
+	// Get the policy for the given hash of script source code.
+	//
+	// GET /script-policy/hash/{FromScriptHash}
+	GetScriptPolicyFromHash(ctx context.Context, params GetScriptPolicyFromHashParams) (*ScriptPolicy, error)
 	// GetSubmission implements getSubmission operation.
 	//
 	// Retrieve map with ID.
 	//
 	// GET /submissions/{SubmissionID}
 	GetSubmission(ctx context.Context, params GetSubmissionParams) (*Submission, error)
-	// ListScriptPolicy implements listScriptPolicy operation.
-	//
-	// Get list of script policies.
-	//
-	// GET /script-policy
-	ListScriptPolicy(ctx context.Context, params ListScriptPolicyParams) ([]ScriptPolicy, error)
-	// ListScripts implements listScripts operation.
-	//
-	// Get list of scripts.
-	//
-	// GET /scripts
-	ListScripts(ctx context.Context, params ListScriptsParams) ([]Script, error)
 	// ListSubmissions implements listSubmissions operation.
 	//
 	// Get list of submissions.
 	//
 	// GET /submissions
 	ListSubmissions(ctx context.Context, params ListSubmissionsParams) ([]Submission, error)
-	// ReleaseSubmissions implements releaseSubmissions operation.
-	//
-	// Release a set of uploaded maps.
-	//
-	// POST /release-submissions
-	ReleaseSubmissions(ctx context.Context, req []ReleaseInfo) error
-	// SessionRoles implements sessionRoles operation.
-	//
-	// Get list of roles for the current session.
-	//
-	// GET /session/roles
-	SessionRoles(ctx context.Context) (*Roles, error)
-	// SessionUser implements sessionUser operation.
-	//
-	// Get information about the currently logged in user.
-	//
-	// GET /session/user
-	SessionUser(ctx context.Context) (*User, error)
-	// SessionValidate implements sessionValidate operation.
-	//
-	// Ask if the current session is valid.
-	//
-	// GET /session/validate
-	SessionValidate(ctx context.Context) (bool, error)
 	// SetSubmissionCompleted implements setSubmissionCompleted operation.
 	//
-	// Called by maptest when a player completes the map.
+	// Retrieve map with ID.
 	//
 	// POST /submissions/{SubmissionID}/completed
 	SetSubmissionCompleted(ctx context.Context, params SetSubmissionCompletedParams) error
@@ -168,7 +132,7 @@ type Handler interface {
 	//
 	// Update the specified script policy by ID.
 	//
-	// POST /script-policy/{ScriptPolicyID}
+	// POST /script-policy/id/{ScriptPolicyID}
 	UpdateScriptPolicy(ctx context.Context, req *ScriptPolicyUpdate, params UpdateScriptPolicyParams) error
 	// UpdateSubmissionModel implements updateSubmissionModel operation.
 	//
--- a/pkg/api/oas_unimplemented_gen.go
+++ b/pkg/api/oas_unimplemented_gen.go
@@ -13,12 +13,12 @@ type UnimplementedHandler struct{}

 var _ Handler = UnimplementedHandler{}

-// ActionSubmissionAccepted implements actionSubmissionAccepted operation.
+// ActionSubmissionPublish implements actionSubmissionPublish operation.
 //
-// Role Reviewer manually resets validating softlock and changes status from Validating -> Accepted.
+// (Internal endpoint) Role Validator changes status from Publishing -> Published.
 //
-// POST /submissions/{SubmissionID}/status/reset-validating
-func (UnimplementedHandler) ActionSubmissionAccepted(ctx context.Context, params ActionSubmissionAcceptedParams) error {
+// POST /submissions/{SubmissionID}/status/validator-published
+func (UnimplementedHandler) ActionSubmissionPublish(ctx context.Context, params ActionSubmissionPublishParams) error {
 	return ht.ErrNotImplemented
 }

@@ -40,15 +40,6 @@ func (UnimplementedHandler) ActionSubmissionRequestChanges(ctx context.Context,
 	return ht.ErrNotImplemented
 }

-// ActionSubmissionRetryValidate implements actionSubmissionRetryValidate operation.
-//
-// Role Reviewer re-runs validation and changes status from Accepted -> Validating.
-//
-// POST /submissions/{SubmissionID}/status/retry-validate
-func (UnimplementedHandler) ActionSubmissionRetryValidate(ctx context.Context, params ActionSubmissionRetryValidateParams) error {
-	return ht.ErrNotImplemented
-}
-
 // ActionSubmissionRevoke implements actionSubmissionRevoke operation.
 //
 // Role Submitter changes status from Submitted|ChangesRequested -> UnderConstruction.
@@ -67,30 +58,30 @@ func (UnimplementedHandler) ActionSubmissionSubmit(ctx context.Context, params A
 	return ht.ErrNotImplemented
 }

-// ActionSubmissionTriggerUpload implements actionSubmissionTriggerUpload operation.
+// ActionSubmissionTriggerPublish implements actionSubmissionTriggerPublish operation.
 //
-// Role Admin changes status from Validated -> Uploading.
+// Role Admin changes status from Validated -> Publishing.
 //
-// POST /submissions/{SubmissionID}/status/trigger-upload
-func (UnimplementedHandler) ActionSubmissionTriggerUpload(ctx context.Context, params ActionSubmissionTriggerUploadParams) error {
+// POST /submissions/{SubmissionID}/status/trigger-publish
+func (UnimplementedHandler) ActionSubmissionTriggerPublish(ctx context.Context, params ActionSubmissionTriggerPublishParams) error {
 	return ht.ErrNotImplemented
 }

 // ActionSubmissionTriggerValidate implements actionSubmissionTriggerValidate operation.
 //
-// Role Reviewer triggers validation and changes status from Submitted -> Validating.
+// Role Reviewer triggers validation and changes status from Submitted|Accepted -> Validating.
 //
 // POST /submissions/{SubmissionID}/status/trigger-validate
 func (UnimplementedHandler) ActionSubmissionTriggerValidate(ctx context.Context, params ActionSubmissionTriggerValidateParams) error {
 	return ht.ErrNotImplemented
 }

-// ActionSubmissionValidated implements actionSubmissionValidated operation.
+// ActionSubmissionValidate implements actionSubmissionValidate operation.
 //
-// Role Admin manually resets uploading softlock and changes status from Uploading -> Validated.
+// (Internal endpoint) Role Validator changes status from Validating -> Validated.
 //
-// POST /submissions/{SubmissionID}/status/reset-uploading
-func (UnimplementedHandler) ActionSubmissionValidated(ctx context.Context, params ActionSubmissionValidatedParams) error {
+// POST /submissions/{SubmissionID}/status/validator-validated
+func (UnimplementedHandler) ActionSubmissionValidate(ctx context.Context, params ActionSubmissionValidateParams) error {
 	return ht.ErrNotImplemented
 }

@@ -134,7 +125,7 @@ func (UnimplementedHandler) DeleteScript(ctx context.Context, params DeleteScrip
 //
 // Delete the specified script policy by ID.
 //
-// DELETE /script-policy/{ScriptPolicyID}
+// DELETE /script-policy/id/{ScriptPolicyID}
 func (UnimplementedHandler) DeleteScriptPolicy(ctx context.Context, params DeleteScriptPolicyParams) error {
 	return ht.ErrNotImplemented
 }
@@ -152,11 +143,20 @@ func (UnimplementedHandler) GetScript(ctx context.Context, params GetScriptParam
 //
 // Get the specified script policy by ID.
 //
-// GET /script-policy/{ScriptPolicyID}
+// GET /script-policy/id/{ScriptPolicyID}
 func (UnimplementedHandler) GetScriptPolicy(ctx context.Context, params GetScriptPolicyParams) (r *ScriptPolicy, _ error) {
 	return r, ht.ErrNotImplemented
 }

+// GetScriptPolicyFromHash implements getScriptPolicyFromHash operation.
+//
+// Get the policy for the given hash of script source code.
+//
+// GET /script-policy/hash/{FromScriptHash}
+func (UnimplementedHandler) GetScriptPolicyFromHash(ctx context.Context, params GetScriptPolicyFromHashParams) (r *ScriptPolicy, _ error) {
+	return r, ht.ErrNotImplemented
+}
+
 // GetSubmission implements getSubmission operation.
 //
 // Retrieve map with ID.
@@ -166,24 +166,6 @@ func (UnimplementedHandler) GetSubmission(ctx context.Context, params GetSubmiss
 	return r, ht.ErrNotImplemented
 }

-// ListScriptPolicy implements listScriptPolicy operation.
-//
-// Get list of script policies.
-//
-// GET /script-policy
-func (UnimplementedHandler) ListScriptPolicy(ctx context.Context, params ListScriptPolicyParams) (r []ScriptPolicy, _ error) {
-	return r, ht.ErrNotImplemented
-}
-
-// ListScripts implements listScripts operation.
-//
-// Get list of scripts.
-//
-// GET /scripts
-func (UnimplementedHandler) ListScripts(ctx context.Context, params ListScriptsParams) (r []Script, _ error) {
-	return r, ht.ErrNotImplemented
-}
-
 // ListSubmissions implements listSubmissions operation.
 //
 // Get list of submissions.
@@ -193,45 +175,9 @@ func (UnimplementedHandler) ListSubmissions(ctx context.Context, params ListSubm
 	return r, ht.ErrNotImplemented
 }

-// ReleaseSubmissions implements releaseSubmissions operation.
-//
-// Release a set of uploaded maps.
-//
-// POST /release-submissions
-func (UnimplementedHandler) ReleaseSubmissions(ctx context.Context, req []ReleaseInfo) error {
-	return ht.ErrNotImplemented
-}
-
-// SessionRoles implements sessionRoles operation.
-//
-// Get list of roles for the current session.
-//
-// GET /session/roles
-func (UnimplementedHandler) SessionRoles(ctx context.Context) (r *Roles, _ error) {
-	return r, ht.ErrNotImplemented
-}
-
-// SessionUser implements sessionUser operation.
-//
-// Get information about the currently logged in user.
-//
-// GET /session/user
-func (UnimplementedHandler) SessionUser(ctx context.Context) (r *User, _ error) {
-	return r, ht.ErrNotImplemented
-}
-
-// SessionValidate implements sessionValidate operation.
-//
-// Ask if the current session is valid.
-//
-// GET /session/validate
-func (UnimplementedHandler) SessionValidate(ctx context.Context) (r bool, _ error) {
-	return r, ht.ErrNotImplemented
-}
-
 // SetSubmissionCompleted implements setSubmissionCompleted operation.
 //
-// Called by maptest when a player completes the map.
+// Retrieve map with ID.
 //
 // POST /submissions/{SubmissionID}/completed
 func (UnimplementedHandler) SetSubmissionCompleted(ctx context.Context, params SetSubmissionCompletedParams) error {
@@ -251,7 +197,7 @@ func (UnimplementedHandler) UpdateScript(ctx context.Context, req *ScriptUpdate,
 //
 // Update the specified script policy by ID.
 //
-// POST /script-policy/{ScriptPolicyID}
+// POST /script-policy/id/{ScriptPolicyID}
 func (UnimplementedHandler) UpdateScriptPolicy(ctx context.Context, req *ScriptPolicyUpdate, params UpdateScriptPolicyParams) error {
 	return ht.ErrNotImplemented
 }
--- a/pkg/api/oas_uri_gen.go
+++ b/pkg/api/oas_uri_gen.go
@@ -0,0 +1,305 @@
+// Code generated by ogen, DO NOT EDIT.
+
+package api
+
+import (
+	"math/bits"
+	"strconv"
+
+	"github.com/go-faster/errors"
+
+	"github.com/ogen-go/ogen/conv"
+	"github.com/ogen-go/ogen/uri"
+	"github.com/ogen-go/ogen/validate"
+)
+
+// EncodeURI encodes Pagination as URI form.
+func (s *Pagination) EncodeURI(e uri.Encoder) error {
+	if err := e.EncodeField("Page", func(e uri.Encoder) error {
+		return e.EncodeValue(conv.Int32ToString(s.Page))
+	}); err != nil {
+		return errors.Wrap(err, "encode field \"Page\"")
+	}
+	if err := e.EncodeField("Limit", func(e uri.Encoder) error {
+		return e.EncodeValue(conv.Int32ToString(s.Limit))
+	}); err != nil {
+		return errors.Wrap(err, "encode field \"Limit\"")
+	}
+	return nil
+}
+
+var uriFieldsNameOfPagination = [2]string{
+	0: "Page",
+	1: "Limit",
+}
+
+// DecodeURI decodes Pagination from URI form.
+func (s *Pagination) DecodeURI(d uri.Decoder) error {
+	if s == nil {
+		return errors.New("invalid: unable to decode Pagination to nil")
+	}
+	var requiredBitSet [1]uint8
+
+	if err := d.DecodeFields(func(k string, d uri.Decoder) error {
+		switch k {
+		case "Page":
+			requiredBitSet[0] |= 1 << 0
+			if err := func() error {
+				val, err := d.DecodeValue()
+				if err != nil {
+					return err
+				}
+
+				c, err := conv.ToInt32(val)
+				if err != nil {
+					return err
+				}
+
+				s.Page = c
+				return nil
+			}(); err != nil {
+				return errors.Wrap(err, "decode field \"Page\"")
+			}
+		case "Limit":
+			requiredBitSet[0] |= 1 << 1
+			if err := func() error {
+				val, err := d.DecodeValue()
+				if err != nil {
+					return err
+				}
+
+				c, err := conv.ToInt32(val)
+				if err != nil {
+					return err
+				}
+
+				s.Limit = c
+				return nil
+			}(); err != nil {
+				return errors.Wrap(err, "decode field \"Limit\"")
+			}
+		default:
+			return nil
+		}
+		return nil
+	}); err != nil {
+		return errors.Wrap(err, "decode Pagination")
+	}
+	// Validate required fields.
+	var failures []validate.FieldError
+	for i, mask := range [1]uint8{
+		0b00000011,
+	} {
+		if result := (requiredBitSet[i] & mask) ^ mask; result != 0 {
+			// Mask only required fields and check equality to mask using XOR.
+			//
+			// If XOR result is not zero, result is not equal to expected, so some fields are missed.
+			// Bits of fields which would be set are actually bits of missed fields.
+			missed := bits.OnesCount8(result)
+			for bitN := 0; bitN < missed; bitN++ {
+				bitIdx := bits.TrailingZeros8(result)
+				fieldIdx := i*8 + bitIdx
+				var name string
+				if fieldIdx < len(uriFieldsNameOfPagination) {
+					name = uriFieldsNameOfPagination[fieldIdx]
+				} else {
+					name = strconv.Itoa(fieldIdx)
+				}
+				failures = append(failures, validate.FieldError{
+					Name:  name,
+					Error: validate.ErrFieldRequired,
+				})
+				// Reset bit.
+				result &^= 1 << bitIdx
+			}
+		}
+	}
+	if len(failures) > 0 {
+		return &validate.Error{Fields: failures}
+	}
+
+	return nil
+}
+
+// EncodeURI encodes SubmissionFilter as URI form.
+func (s *SubmissionFilter) EncodeURI(e uri.Encoder) error {
+	if err := e.EncodeField("ID", func(e uri.Encoder) error {
+		return e.EncodeValue(conv.Int64ToString(s.ID))
+	}); err != nil {
+		return errors.Wrap(err, "encode field \"ID\"")
+	}
+	if err := e.EncodeField("DisplayName", func(e uri.Encoder) error {
+		if val, ok := s.DisplayName.Get(); ok {
+			return e.EncodeValue(conv.StringToString(val))
+		}
+		return nil
+	}); err != nil {
+		return errors.Wrap(err, "encode field \"DisplayName\"")
+	}
+	if err := e.EncodeField("Creator", func(e uri.Encoder) error {
+		if val, ok := s.Creator.Get(); ok {
+			return e.EncodeValue(conv.StringToString(val))
+		}
+		return nil
+	}); err != nil {
+		return errors.Wrap(err, "encode field \"Creator\"")
+	}
+	if err := e.EncodeField("GameID", func(e uri.Encoder) error {
+		if val, ok := s.GameID.Get(); ok {
+			return e.EncodeValue(conv.Int32ToString(val))
+		}
+		return nil
+	}); err != nil {
+		return errors.Wrap(err, "encode field \"GameID\"")
+	}
+	return nil
+}
+
+var uriFieldsNameOfSubmissionFilter = [4]string{
+	0: "ID",
+	1: "DisplayName",
+	2: "Creator",
+	3: "GameID",
+}
+
+// DecodeURI decodes SubmissionFilter from URI form.
+func (s *SubmissionFilter) DecodeURI(d uri.Decoder) error {
+	if s == nil {
+		return errors.New("invalid: unable to decode SubmissionFilter to nil")
+	}
+	var requiredBitSet [1]uint8
+
+	if err := d.DecodeFields(func(k string, d uri.Decoder) error {
+		switch k {
+		case "ID":
+			requiredBitSet[0] |= 1 << 0
+			if err := func() error {
+				val, err := d.DecodeValue()
+				if err != nil {
+					return err
+				}
+
+				c, err := conv.ToInt64(val)
+				if err != nil {
+					return err
+				}
+
+				s.ID = c
+				return nil
+			}(); err != nil {
+				return errors.Wrap(err, "decode field \"ID\"")
+			}
+		case "DisplayName":
+			if err := func() error {
+				var sDotDisplayNameVal string
+				if err := func() error {
+					val, err := d.DecodeValue()
+					if err != nil {
+						return err
+					}
+
+					c, err := conv.ToString(val)
+					if err != nil {
+						return err
+					}
+
+					sDotDisplayNameVal = c
+					return nil
+				}(); err != nil {
+					return err
+				}
+				s.DisplayName.SetTo(sDotDisplayNameVal)
+				return nil
+			}(); err != nil {
+				return errors.Wrap(err, "decode field \"DisplayName\"")
+			}
+		case "Creator":
+			if err := func() error {
+				var sDotCreatorVal string
+				if err := func() error {
+					val, err := d.DecodeValue()
+					if err != nil {
+						return err
+					}
+
+					c, err := conv.ToString(val)
+					if err != nil {
+						return err
+					}
+
+					sDotCreatorVal = c
+					return nil
+				}(); err != nil {
+					return err
+				}
+				s.Creator.SetTo(sDotCreatorVal)
+				return nil
+			}(); err != nil {
+				return errors.Wrap(err, "decode field \"Creator\"")
+			}
+		case "GameID":
+			if err := func() error {
+				var sDotGameIDVal int32
+				if err := func() error {
+					val, err := d.DecodeValue()
+					if err != nil {
+						return err
+					}
+
+					c, err := conv.ToInt32(val)
+					if err != nil {
+						return err
+					}
+
+					sDotGameIDVal = c
+					return nil
+				}(); err != nil {
+					return err
+				}
+				s.GameID.SetTo(sDotGameIDVal)
+				return nil
+			}(); err != nil {
+				return errors.Wrap(err, "decode field \"GameID\"")
+			}
+		default:
+			return nil
+		}
+		return nil
+	}); err != nil {
+		return errors.Wrap(err, "decode SubmissionFilter")
+	}
+	// Validate required fields.
+	var failures []validate.FieldError
+	for i, mask := range [1]uint8{
+		0b00000001,
+	} {
+		if result := (requiredBitSet[i] & mask) ^ mask; result != 0 {
+			// Mask only required fields and check equality to mask using XOR.
+			//
+			// If XOR result is not zero, result is not equal to expected, so some fields are missed.
+			// Bits of fields which would be set are actually bits of missed fields.
+			missed := bits.OnesCount8(result)
+			for bitN := 0; bitN < missed; bitN++ {
+				bitIdx := bits.TrailingZeros8(result)
+				fieldIdx := i*8 + bitIdx
+				var name string
+				if fieldIdx < len(uriFieldsNameOfSubmissionFilter) {
+					name = uriFieldsNameOfSubmissionFilter[fieldIdx]
+				} else {
+					name = strconv.Itoa(fieldIdx)
+				}
+				failures = append(failures, validate.FieldError{
+					Name:  name,
+					Error: validate.ErrFieldRequired,
+				})
+				// Reset bit.
+				result &^= 1 << bitIdx
+			}
+		}
+	}
+	if len(failures) > 0 {
+		return &validate.Error{Fields: failures}
+	}
+
+	return nil
+}
--- a/pkg/api/oas_validators_gen.go
+++ b/pkg/api/oas_validators_gen.go
@@ -8,31 +8,64 @@ import (
 	"github.com/ogen-go/ogen/validate"
 )

-func (s *Script) Validate() error {
+func (s *Pagination) Validate() error {
 	if s == nil {
 		return validate.ErrNilPointer
 	}

 	var failures []validate.FieldError
 	if err := func() error {
-		if err := (validate.String{
-			MinLength:    0,
-			MinLengthSet: false,
-			MaxLength:    128,
-			MaxLengthSet: true,
-			Email:        false,
-			Hostname:     false,
-			Regex:        nil,
-		}).Validate(string(s.Name)); err != nil {
-			return errors.Wrap(err, "string")
+		if err := (validate.Int{
+			MinSet:        true,
+			Min:           1,
+			MaxSet:        false,
+			Max:           0,
+			MinExclusive:  false,
+			MaxExclusive:  false,
+			MultipleOfSet: false,
+			MultipleOf:    0,
+		}).Validate(int64(s.Page)); err != nil {
+			return errors.Wrap(err, "int")
 		}
 		return nil
 	}(); err != nil {
 		failures = append(failures, validate.FieldError{
-			Name:  "Name",
+			Name:  "Page",
 			Error: err,
 		})
 	}
+	if err := func() error {
+		if err := (validate.Int{
+			MinSet:        true,
+			Min:           1,
+			MaxSet:        true,
+			Max:           100,
+			MinExclusive:  false,
+			MaxExclusive:  false,
+			MultipleOfSet: false,
+			MultipleOf:    0,
+		}).Validate(int64(s.Limit)); err != nil {
+			return errors.Wrap(err, "int")
+		}
+		return nil
+	}(); err != nil {
+		failures = append(failures, validate.FieldError{
+			Name:  "Limit",
+			Error: err,
+		})
+	}
+	if len(failures) > 0 {
+		return &validate.Error{Fields: failures}
+	}
+	return nil
+}
+
+func (s *Script) Validate() error {
+	if s == nil {
+		return validate.ErrNilPointer
+	}
+
+	var failures []validate.FieldError
 	if err := func() error {
 		if err := (validate.String{
 			MinLength:    16,
@@ -83,25 +116,6 @@ func (s *ScriptCreate) Validate() error {
 	}

 	var failures []validate.FieldError
-	if err := func() error {
-		if err := (validate.String{
-			MinLength:    0,
-			MinLengthSet: false,
-			MaxLength:    128,
-			MaxLengthSet: true,
-			Email:        false,
-			Hostname:     false,
-			Regex:        nil,
-		}).Validate(string(s.Name)); err != nil {
-			return errors.Wrap(err, "string")
-		}
-		return nil
-	}(); err != nil {
-		failures = append(failures, validate.FieldError{
-			Name:  "Name",
-			Error: err,
-		})
-	}
 	if err := func() error {
 		if err := (validate.String{
 			MinLength:    0,
@@ -164,32 +178,6 @@ func (s *ScriptUpdate) Validate() error {
 	}

 	var failures []validate.FieldError
-	if err := func() error {
-		if value, ok := s.Name.Get(); ok {
-			if err := func() error {
-				if err := (validate.String{
-					MinLength:    0,
-					MinLengthSet: false,
-					MaxLength:    128,
-					MaxLengthSet: true,
-					Email:        false,
-					Hostname:     false,
-					Regex:        nil,
-				}).Validate(string(value)); err != nil {
-					return errors.Wrap(err, "string")
-				}
-				return nil
-			}(); err != nil {
-				return err
-			}
-		}
-		return nil
-	}(); err != nil {
-		failures = append(failures, validate.FieldError{
-			Name:  "Name",
-			Error: err,
-		})
-	}
 	if err := func() error {
 		if value, ok := s.Source.Get(); ok {
 			if err := func() error {
@@ -266,25 +254,6 @@ func (s *Submission) Validate() error {
 			Error: err,
 		})
 	}
-	if err := func() error {
-		if err := (validate.String{
-			MinLength:    0,
-			MinLengthSet: false,
-			MaxLength:    256,
-			MaxLengthSet: true,
-			Email:        false,
-			Hostname:     false,
-			Regex:        nil,
-		}).Validate(string(s.StatusMessage)); err != nil {
-			return errors.Wrap(err, "string")
-		}
-		return nil
-	}(); err != nil {
-		failures = append(failures, validate.FieldError{
-			Name:  "StatusMessage",
-			Error: err,
-		})
-	}
 	if len(failures) > 0 {
 		return &validate.Error{Fields: failures}
 	}
@@ -341,47 +310,61 @@ func (s *SubmissionCreate) Validate() error {
 	return nil
 }

-func (s *User) Validate() error {
+func (s *SubmissionFilter) Validate() error {
 	if s == nil {
 		return validate.ErrNilPointer
 	}

 	var failures []validate.FieldError
 	if err := func() error {
-		if err := (validate.String{
-			MinLength:    0,
-			MinLengthSet: false,
-			MaxLength:    128,
-			MaxLengthSet: true,
-			Email:        false,
-			Hostname:     false,
-			Regex:        nil,
-		}).Validate(string(s.Username)); err != nil {
-			return errors.Wrap(err, "string")
+		if value, ok := s.DisplayName.Get(); ok {
+			if err := func() error {
+				if err := (validate.String{
+					MinLength:    0,
+					MinLengthSet: false,
+					MaxLength:    128,
+					MaxLengthSet: true,
+					Email:        false,
+					Hostname:     false,
+					Regex:        nil,
+				}).Validate(string(value)); err != nil {
+					return errors.Wrap(err, "string")
+				}
+				return nil
+			}(); err != nil {
+				return err
+			}
 		}
 		return nil
 	}(); err != nil {
 		failures = append(failures, validate.FieldError{
-			Name:  "Username",
+			Name:  "DisplayName",
 			Error: err,
 		})
 	}
 	if err := func() error {
-		if err := (validate.String{
-			MinLength:    0,
-			MinLengthSet: false,
-			MaxLength:    256,
-			MaxLengthSet: true,
-			Email:        false,
-			Hostname:     false,
-			Regex:        nil,
-		}).Validate(string(s.AvatarURL)); err != nil {
-			return errors.Wrap(err, "string")
+		if value, ok := s.Creator.Get(); ok {
+			if err := func() error {
+				if err := (validate.String{
+					MinLength:    0,
+					MinLengthSet: false,
+					MaxLength:    128,
+					MaxLengthSet: true,
+					Email:        false,
+					Hostname:     false,
+					Regex:        nil,
+				}).Validate(string(value)); err != nil {
+					return errors.Wrap(err, "string")
+				}
+				return nil
+			}(); err != nil {
+				return err
+			}
 		}
 		return nil
 	}(); err != nil {
 		failures = append(failures, validate.FieldError{
-			Name:  "AvatarURL",
+			Name:  "Creator",
 			Error: err,
 		})
 	}
--- a/pkg/cmds/serve.go
+++ b/pkg/cmds/serve.go
@@ -2,20 +2,16 @@ package cmds

 import (
 	"fmt"
-	"net/http"
-
 	"git.itzana.me/strafesnet/go-grpc/auth"
-	"git.itzana.me/strafesnet/go-grpc/maps"
 	"git.itzana.me/strafesnet/maps-service/pkg/api"
 	"git.itzana.me/strafesnet/maps-service/pkg/datastore/gormstore"
-	internal "git.itzana.me/strafesnet/maps-service/pkg/internal"
 	"git.itzana.me/strafesnet/maps-service/pkg/service"
-	"git.itzana.me/strafesnet/maps-service/pkg/service_internal"
 	"github.com/nats-io/nats.go"
 	log "github.com/sirupsen/logrus"
 	"github.com/urfave/cli/v2"
 	"google.golang.org/grpc"
 	"google.golang.org/grpc/credentials/insecure"
+	"net/http"
 )

 func NewServeCommand() *cli.Command {
@@ -66,24 +62,12 @@ func NewServeCommand() *cli.Command {
 				Value:   8080,
 				EnvVars: []string{"PORT"},
 			},
-			&cli.IntFlag{
-				Name:    "port-internal",
-				Usage:   "Port to listen on for internal api",
-				Value:   8081,
-				EnvVars: []string{"PORT_INTERNAL"},
-			},
 			&cli.StringFlag{
 				Name:    "auth-rpc-host",
 				Usage:   "Host of auth rpc",
 				EnvVars: []string{"AUTH_RPC_HOST"},
 				Value:   "auth-service:8090",
 			},
-			&cli.StringFlag{
-				Name:    "data-rpc-host",
-				Usage:   "Host of data rpc",
-				EnvVars: []string{"DATA_RPC_HOST"},
-				Value:   "data-service:9000",
-			},
 			&cli.StringFlag{
 				Name:    "nats-host",
 				Usage:   "Host of nats",
@@ -117,18 +101,12 @@ func serve(ctx *cli.Context) error {
 		log.WithError(err).Fatal("failed to add stream")
 	}

-	// connect to main game database
-	conn, err := grpc.Dial(ctx.String("data-rpc-host"), grpc.WithTransportCredentials(insecure.NewCredentials()))
-	if err != nil {
-		log.Fatal(err)
-	}
 	svc := &service.Service{
 		DB:   db,
 		Nats: js,
-		Client: maps.NewMapsServiceClient(conn),
 	}

-	conn, err = grpc.Dial(ctx.String("auth-rpc-host"), grpc.WithTransportCredentials(insecure.NewCredentials()))
+	conn, err := grpc.Dial(ctx.String("auth-rpc-host"), grpc.WithTransportCredentials(insecure.NewCredentials()))
 	if err != nil {
 		log.Fatal(err)
 	}
@@ -141,37 +119,5 @@ func serve(ctx *cli.Context) error {
 		log.WithError(err).Fatal("failed to initialize api server")
 	}

-	svc2 := &service_internal.Service{
-		DB:   db,
-		Nats: js,
-	}
-
-	srv2, err := internal.NewServer(svc2, internal.WithPathPrefix("/v1"))
-	if err != nil {
-		log.WithError(err).Fatal("failed to initialize api server")
-	}
-	// Channel to collect errors
-	errChan := make(chan error, 2)
-
-	// First server
-	go func(errChan chan error) {
-		errChan <- http.ListenAndServe(fmt.Sprintf(":%d", ctx.Int("port-internal")), srv2)
-	}(errChan)
-
-	// Second server
-	go func(errChan chan error) {
-		errChan <- http.ListenAndServe(fmt.Sprintf(":%d", ctx.Int("port")), srv)
-	}(errChan)
-
-	// Wait for the first error or completion of both tasks
-	for i := 0; i < 2; i++ {
-		err := <-errChan
-		if err != nil {
-			fmt.Println("Exiting due to:", err)
-			return err
-		}
-	}
-	log.Println("Both servers have stopped.")
-
-	return nil
+	return http.ListenAndServe(fmt.Sprintf(":%d", ctx.Int("port")), srv)
 }
--- a/pkg/datastore/datastore.go
+++ b/pkg/datastore/datastore.go
@@ -9,16 +9,6 @@ import (
 var (
 	ErrNotExist        = errors.New("resource does not exist")
 	ErroNoRowsAffected = errors.New("query did not affect any rows")
-	ErrInvalidListSort = errors.New("invalid list sort parameter [1,2,3,4]")
-)
-
-type ListSort uint32
-const (
-	ListSortDisabled ListSort = 0
-	ListSortDisplayNameAscending ListSort = 1
-	ListSortDisplayNameDescending ListSort = 2
-	ListSortDateAscending ListSort = 3
-	ListSortDateDescending ListSort = 4
 )

 type Datastore interface {
@@ -32,10 +22,10 @@ type Submissions interface {
 	GetList(ctx context.Context, id []int64) ([]model.Submission, error)
 	Create(ctx context.Context, smap model.Submission) (model.Submission, error)
 	Update(ctx context.Context, id int64, values OptionalMap) error
-	IfStatusThenUpdate(ctx context.Context, id int64, statuses []model.SubmissionStatus, values OptionalMap) error
-	IfStatusThenUpdateAndGet(ctx context.Context, id int64, statuses []model.SubmissionStatus, values OptionalMap) (model.Submission, error)
+	IfStatusThenUpdate(ctx context.Context, id int64, statuses []model.Status, values OptionalMap) error
+	IfStatusThenUpdateAndGet(ctx context.Context, id int64, statuses []model.Status, values OptionalMap) (model.Submission, error)
 	Delete(ctx context.Context, id int64) error
-	List(ctx context.Context, filters OptionalMap, page model.Page, sort ListSort) ([]model.Submission, error)
+	List(ctx context.Context, filters OptionalMap, page model.Page) ([]model.Submission, error)
 }

 type Scripts interface {
@@ -43,7 +33,6 @@ type Scripts interface {
 	Create(ctx context.Context, smap model.Script) (model.Script, error)
 	Update(ctx context.Context, id int64, values OptionalMap) error
 	Delete(ctx context.Context, id int64) error
-	List(ctx context.Context, filters OptionalMap, page model.Page) ([]model.Script, error)
 }

 type ScriptPolicy interface {
@@ -52,5 +41,4 @@ type ScriptPolicy interface {
 	Create(ctx context.Context, smap model.ScriptPolicy) (model.ScriptPolicy, error)
 	Update(ctx context.Context, id int64, values OptionalMap) error
 	Delete(ctx context.Context, id int64) error
-	List(ctx context.Context, filters OptionalMap, page model.Page) ([]model.ScriptPolicy, error)
 }
--- a/pkg/datastore/gormstore/script_policy.go
+++ b/pkg/datastore/gormstore/script_policy.go
@@ -19,18 +19,16 @@ func (env *ScriptPolicy) Get(ctx context.Context, id int64) (model.ScriptPolicy,
 		if errors.Is(err, gorm.ErrRecordNotFound) {
 			return mdl, datastore.ErrNotExist
 		}
-		return mdl, err
 	}
 	return mdl, nil
 }

 func (env *ScriptPolicy) GetFromHash(ctx context.Context, hash uint64) (model.ScriptPolicy, error) {
 	var mdl model.ScriptPolicy
-	if err := env.db.Take(&mdl,"from_script_hash = ?", hash).Error; err != nil {
+	if err := env.db.Model(&model.ScriptPolicy{}).Where("hash = ?", hash).Error; err != nil {
 		if errors.Is(err, gorm.ErrRecordNotFound) {
 			return mdl, datastore.ErrNotExist
 		}
-		return mdl, err
 	}
 	return mdl, nil
 }
@@ -64,12 +62,3 @@ func (env *ScriptPolicy) Delete(ctx context.Context, id int64) error {

 	return nil
 }
-
-func (env *ScriptPolicy) List(ctx context.Context, filters datastore.OptionalMap, page model.Page) ([]model.ScriptPolicy, error) {
-	var maps []model.ScriptPolicy
-	if err := env.db.Where(filters.Map()).Offset(int((page.Number - 1) * page.Size)).Limit(int(page.Size)).Find(&maps).Error; err != nil {
-		return nil, err
-	}
-
-	return maps, nil
-}
--- a/pkg/datastore/gormstore/scripts.go
+++ b/pkg/datastore/gormstore/scripts.go
@@ -19,7 +19,6 @@ func (env *Scripts) Get(ctx context.Context, id int64) (model.Script, error) {
 		if errors.Is(err, gorm.ErrRecordNotFound) {
 			return mdl, datastore.ErrNotExist
 		}
-		return mdl, err
 	}
 	return mdl, nil
 }
@@ -53,7 +52,7 @@ func (env *Scripts) Update(ctx context.Context, id int64, values datastore.Optio
 }

 // the update can only occur if the status matches one of the provided values.
-func (env *Scripts) IfStatusThenUpdate(ctx context.Context, id int64, statuses []model.SubmissionStatus, values datastore.OptionalMap) error {
+func (env *Scripts) IfStatusThenUpdate(ctx context.Context, id int64, statuses []model.Status, values datastore.OptionalMap) error {
 	if err := env.db.Model(&model.Script{}).Where("id = ?", id).Where("status IN ?", statuses).Updates(values.Map()).Error; err != nil {
 		if err == gorm.ErrRecordNotFound {
 			return datastore.ErrNotExist
--- a/pkg/datastore/gormstore/submissions.go
+++ b/pkg/datastore/gormstore/submissions.go
@@ -20,7 +20,6 @@ func (env *Submissions) Get(ctx context.Context, id int64) (model.Submission, er
 		if errors.Is(err, gorm.ErrRecordNotFound) {
 			return submission, datastore.ErrNotExist
 		}
-		return submission, err
 	}
 	return submission, nil
 }
@@ -54,7 +53,7 @@ func (env *Submissions) Update(ctx context.Context, id int64, values datastore.O
 }

 // the update can only occur if the status matches one of the provided values.
-func (env *Submissions) IfStatusThenUpdate(ctx context.Context, id int64, statuses []model.SubmissionStatus, values datastore.OptionalMap) error {
+func (env *Submissions) IfStatusThenUpdate(ctx context.Context, id int64, statuses []model.Status, values datastore.OptionalMap) error {
 	if err := env.db.Model(&model.Submission{}).Where("id = ?", id).Where("status_id IN ?", statuses).Updates(values.Map()).Error; err != nil {
 		if err == gorm.ErrRecordNotFound {
 			return datastore.ErrNotExist
@@ -67,7 +66,7 @@ func (env *Submissions) IfStatusThenUpdate(ctx context.Context, id int64, status

 // the update can only occur if the status matches one of the provided values.
 // returns the updated value
-func (env *Submissions) IfStatusThenUpdateAndGet(ctx context.Context, id int64, statuses []model.SubmissionStatus, values datastore.OptionalMap) (model.Submission, error) {
+func (env *Submissions) IfStatusThenUpdateAndGet(ctx context.Context, id int64, statuses []model.Status, values datastore.OptionalMap) (model.Submission, error) {
 	var submission model.Submission
 	result := env.db.Model(&submission).
 		Clauses(clause.Returning{}).
@@ -99,32 +98,9 @@ func (env *Submissions) Delete(ctx context.Context, id int64) error {
 	return nil
 }

-func (env *Submissions) List(ctx context.Context, filters datastore.OptionalMap, page model.Page, sort datastore.ListSort) ([]model.Submission, error) {
+func (env *Submissions) List(ctx context.Context, filters datastore.OptionalMap, page model.Page) ([]model.Submission, error) {
 	var maps []model.Submission
-
-	db := env.db
-
-	switch sort {
-	case datastore.ListSortDisabled:
-		// No sort
-		break
-	case datastore.ListSortDisplayNameAscending:
-		db=db.Order("display_name ASC")
-		break
-	case datastore.ListSortDisplayNameDescending:
-		db=db.Order("display_name DESC")
-		break
-	case datastore.ListSortDateAscending:
-		db=db.Order("created_at ASC")
-		break
-	case datastore.ListSortDateDescending:
-		db=db.Order("created_at DESC")
-		break
-	default:
-		return nil, datastore.ErrInvalidListSort
-	}
-
-	if err := db.Where(filters.Map()).Offset(int((page.Number - 1) * page.Size)).Limit(int(page.Size)).Find(&maps).Error; err != nil {
+	if err := env.db.Where(filters.Map()).Offset(int((page.Number - 1) * page.Size)).Limit(int(page.Size)).Find(&maps).Error; err != nil {
 		return nil, err
 	}

--- a/pkg/internal/oas_cfg_gen.go
+++ b/pkg/internal/oas_cfg_gen.go
@@ -1,283 +0,0 @@
-// Code generated by ogen, DO NOT EDIT.
-
-package api
-
-import (
-	"net/http"
-
-	"go.opentelemetry.io/otel"
-	"go.opentelemetry.io/otel/metric"
-	"go.opentelemetry.io/otel/trace"
-
-	ht "github.com/ogen-go/ogen/http"
-	"github.com/ogen-go/ogen/middleware"
-	"github.com/ogen-go/ogen/ogenerrors"
-	"github.com/ogen-go/ogen/otelogen"
-)
-
-var (
-	// Allocate option closure once.
-	clientSpanKind = trace.WithSpanKind(trace.SpanKindClient)
-	// Allocate option closure once.
-	serverSpanKind = trace.WithSpanKind(trace.SpanKindServer)
-)
-
-type (
-	optionFunc[C any] func(*C)
-	otelOptionFunc    func(*otelConfig)
-)
-
-type otelConfig struct {
-	TracerProvider trace.TracerProvider
-	Tracer         trace.Tracer
-	MeterProvider  metric.MeterProvider
-	Meter          metric.Meter
-}
-
-func (cfg *otelConfig) initOTEL() {
-	if cfg.TracerProvider == nil {
-		cfg.TracerProvider = otel.GetTracerProvider()
-	}
-	if cfg.MeterProvider == nil {
-		cfg.MeterProvider = otel.GetMeterProvider()
-	}
-	cfg.Tracer = cfg.TracerProvider.Tracer(otelogen.Name,
-		trace.WithInstrumentationVersion(otelogen.SemVersion()),
-	)
-	cfg.Meter = cfg.MeterProvider.Meter(otelogen.Name,
-		metric.WithInstrumentationVersion(otelogen.SemVersion()),
-	)
-}
-
-// ErrorHandler is error handler.
-type ErrorHandler = ogenerrors.ErrorHandler
-
-type serverConfig struct {
-	otelConfig
-	NotFound           http.HandlerFunc
-	MethodNotAllowed   func(w http.ResponseWriter, r *http.Request, allowed string)
-	ErrorHandler       ErrorHandler
-	Prefix             string
-	Middleware         Middleware
-	MaxMultipartMemory int64
-}
-
-// ServerOption is server config option.
-type ServerOption interface {
-	applyServer(*serverConfig)
-}
-
-var _ ServerOption = (optionFunc[serverConfig])(nil)
-
-func (o optionFunc[C]) applyServer(c *C) {
-	o(c)
-}
-
-var _ ServerOption = (otelOptionFunc)(nil)
-
-func (o otelOptionFunc) applyServer(c *serverConfig) {
-	o(&c.otelConfig)
-}
-
-func newServerConfig(opts ...ServerOption) serverConfig {
-	cfg := serverConfig{
-		NotFound: http.NotFound,
-		MethodNotAllowed: func(w http.ResponseWriter, r *http.Request, allowed string) {
-			status := http.StatusMethodNotAllowed
-			if r.Method == "OPTIONS" {
-				w.Header().Set("Access-Control-Allow-Methods", allowed)
-				w.Header().Set("Access-Control-Allow-Headers", "Content-Type")
-				status = http.StatusNoContent
-			} else {
-				w.Header().Set("Allow", allowed)
-			}
-			w.WriteHeader(status)
-		},
-		ErrorHandler:       ogenerrors.DefaultErrorHandler,
-		Middleware:         nil,
-		MaxMultipartMemory: 32 << 20, // 32 MB
-	}
-	for _, opt := range opts {
-		opt.applyServer(&cfg)
-	}
-	cfg.initOTEL()
-	return cfg
-}
-
-type baseServer struct {
-	cfg      serverConfig
-	requests metric.Int64Counter
-	errors   metric.Int64Counter
-	duration metric.Float64Histogram
-}
-
-func (s baseServer) notFound(w http.ResponseWriter, r *http.Request) {
-	s.cfg.NotFound(w, r)
-}
-
-func (s baseServer) notAllowed(w http.ResponseWriter, r *http.Request, allowed string) {
-	s.cfg.MethodNotAllowed(w, r, allowed)
-}
-
-func (cfg serverConfig) baseServer() (s baseServer, err error) {
-	s = baseServer{cfg: cfg}
-	if s.requests, err = otelogen.ServerRequestCountCounter(s.cfg.Meter); err != nil {
-		return s, err
-	}
-	if s.errors, err = otelogen.ServerErrorsCountCounter(s.cfg.Meter); err != nil {
-		return s, err
-	}
-	if s.duration, err = otelogen.ServerDurationHistogram(s.cfg.Meter); err != nil {
-		return s, err
-	}
-	return s, nil
-}
-
-type clientConfig struct {
-	otelConfig
-	Client ht.Client
-}
-
-// ClientOption is client config option.
-type ClientOption interface {
-	applyClient(*clientConfig)
-}
-
-var _ ClientOption = (optionFunc[clientConfig])(nil)
-
-func (o optionFunc[C]) applyClient(c *C) {
-	o(c)
-}
-
-var _ ClientOption = (otelOptionFunc)(nil)
-
-func (o otelOptionFunc) applyClient(c *clientConfig) {
-	o(&c.otelConfig)
-}
-
-func newClientConfig(opts ...ClientOption) clientConfig {
-	cfg := clientConfig{
-		Client: http.DefaultClient,
-	}
-	for _, opt := range opts {
-		opt.applyClient(&cfg)
-	}
-	cfg.initOTEL()
-	return cfg
-}
-
-type baseClient struct {
-	cfg      clientConfig
-	requests metric.Int64Counter
-	errors   metric.Int64Counter
-	duration metric.Float64Histogram
-}
-
-func (cfg clientConfig) baseClient() (c baseClient, err error) {
-	c = baseClient{cfg: cfg}
-	if c.requests, err = otelogen.ClientRequestCountCounter(c.cfg.Meter); err != nil {
-		return c, err
-	}
-	if c.errors, err = otelogen.ClientErrorsCountCounter(c.cfg.Meter); err != nil {
-		return c, err
-	}
-	if c.duration, err = otelogen.ClientDurationHistogram(c.cfg.Meter); err != nil {
-		return c, err
-	}
-	return c, nil
-}
-
-// Option is config option.
-type Option interface {
-	ServerOption
-	ClientOption
-}
-
-// WithTracerProvider specifies a tracer provider to use for creating a tracer.
-//
-// If none is specified, the global provider is used.
-func WithTracerProvider(provider trace.TracerProvider) Option {
-	return otelOptionFunc(func(cfg *otelConfig) {
-		if provider != nil {
-			cfg.TracerProvider = provider
-		}
-	})
-}
-
-// WithMeterProvider specifies a meter provider to use for creating a meter.
-//
-// If none is specified, the otel.GetMeterProvider() is used.
-func WithMeterProvider(provider metric.MeterProvider) Option {
-	return otelOptionFunc(func(cfg *otelConfig) {
-		if provider != nil {
-			cfg.MeterProvider = provider
-		}
-	})
-}
-
-// WithClient specifies http client to use.
-func WithClient(client ht.Client) ClientOption {
-	return optionFunc[clientConfig](func(cfg *clientConfig) {
-		if client != nil {
-			cfg.Client = client
-		}
-	})
-}
-
-// WithNotFound specifies Not Found handler to use.
-func WithNotFound(notFound http.HandlerFunc) ServerOption {
-	return optionFunc[serverConfig](func(cfg *serverConfig) {
-		if notFound != nil {
-			cfg.NotFound = notFound
-		}
-	})
-}
-
-// WithMethodNotAllowed specifies Method Not Allowed handler to use.
-func WithMethodNotAllowed(methodNotAllowed func(w http.ResponseWriter, r *http.Request, allowed string)) ServerOption {
-	return optionFunc[serverConfig](func(cfg *serverConfig) {
-		if methodNotAllowed != nil {
-			cfg.MethodNotAllowed = methodNotAllowed
-		}
-	})
-}
-
-// WithErrorHandler specifies error handler to use.
-func WithErrorHandler(h ErrorHandler) ServerOption {
-	return optionFunc[serverConfig](func(cfg *serverConfig) {
-		if h != nil {
-			cfg.ErrorHandler = h
-		}
-	})
-}
-
-// WithPathPrefix specifies server path prefix.
-func WithPathPrefix(prefix string) ServerOption {
-	return optionFunc[serverConfig](func(cfg *serverConfig) {
-		cfg.Prefix = prefix
-	})
-}
-
-// WithMiddleware specifies middlewares to use.
-func WithMiddleware(m ...Middleware) ServerOption {
-	return optionFunc[serverConfig](func(cfg *serverConfig) {
-		switch len(m) {
-		case 0:
-			cfg.Middleware = nil
-		case 1:
-			cfg.Middleware = m[0]
-		default:
-			cfg.Middleware = middleware.ChainMiddlewares(m...)
-		}
-	})
-}
-
-// WithMaxMultipartMemory specifies limit of memory for storing file parts.
-// File parts which can't be stored in memory will be stored on disk in temporary files.
-func WithMaxMultipartMemory(max int64) ServerOption {
-	return optionFunc[serverConfig](func(cfg *serverConfig) {
-		if max > 0 {
-			cfg.MaxMultipartMemory = max
-		}
-	})
-}
--- a/pkg/internal/oas_client_gen.go
+++ b/pkg/internal/oas_client_gen.go
--- a/pkg/internal/oas_handlers_gen.go
+++ b/pkg/internal/oas_handlers_gen.go
--- a/pkg/internal/oas_json_gen.go
+++ b/pkg/internal/oas_json_gen.go
@@ -1,862 +0,0 @@
-// Code generated by ogen, DO NOT EDIT.
-
-package api
-
-import (
-	"math/bits"
-	"strconv"
-
-	"github.com/go-faster/errors"
-	"github.com/go-faster/jx"
-
-	"github.com/ogen-go/ogen/validate"
-)
-
-// Encode implements json.Marshaler.
-func (s *Error) Encode(e *jx.Encoder) {
-	e.ObjStart()
-	s.encodeFields(e)
-	e.ObjEnd()
-}
-
-// encodeFields encodes fields.
-func (s *Error) encodeFields(e *jx.Encoder) {
-	{
-		e.FieldStart("code")
-		e.Int64(s.Code)
-	}
-	{
-		e.FieldStart("message")
-		e.Str(s.Message)
-	}
-}
-
-var jsonFieldsNameOfError = [2]string{
-	0: "code",
-	1: "message",
-}
-
-// Decode decodes Error from json.
-func (s *Error) Decode(d *jx.Decoder) error {
-	if s == nil {
-		return errors.New("invalid: unable to decode Error to nil")
-	}
-	var requiredBitSet [1]uint8
-
-	if err := d.ObjBytes(func(d *jx.Decoder, k []byte) error {
-		switch string(k) {
-		case "code":
-			requiredBitSet[0] |= 1 << 0
-			if err := func() error {
-				v, err := d.Int64()
-				s.Code = int64(v)
-				if err != nil {
-					return err
-				}
-				return nil
-			}(); err != nil {
-				return errors.Wrap(err, "decode field \"code\"")
-			}
-		case "message":
-			requiredBitSet[0] |= 1 << 1
-			if err := func() error {
-				v, err := d.Str()
-				s.Message = string(v)
-				if err != nil {
-					return err
-				}
-				return nil
-			}(); err != nil {
-				return errors.Wrap(err, "decode field \"message\"")
-			}
-		default:
-			return d.Skip()
-		}
-		return nil
-	}); err != nil {
-		return errors.Wrap(err, "decode Error")
-	}
-	// Validate required fields.
-	var failures []validate.FieldError
-	for i, mask := range [1]uint8{
-		0b00000011,
-	} {
-		if result := (requiredBitSet[i] & mask) ^ mask; result != 0 {
-			// Mask only required fields and check equality to mask using XOR.
-			//
-			// If XOR result is not zero, result is not equal to expected, so some fields are missed.
-			// Bits of fields which would be set are actually bits of missed fields.
-			missed := bits.OnesCount8(result)
-			for bitN := 0; bitN < missed; bitN++ {
-				bitIdx := bits.TrailingZeros8(result)
-				fieldIdx := i*8 + bitIdx
-				var name string
-				if fieldIdx < len(jsonFieldsNameOfError) {
-					name = jsonFieldsNameOfError[fieldIdx]
-				} else {
-					name = strconv.Itoa(fieldIdx)
-				}
-				failures = append(failures, validate.FieldError{
-					Name:  name,
-					Error: validate.ErrFieldRequired,
-				})
-				// Reset bit.
-				result &^= 1 << bitIdx
-			}
-		}
-	}
-	if len(failures) > 0 {
-		return &validate.Error{Fields: failures}
-	}
-
-	return nil
-}
-
-// MarshalJSON implements stdjson.Marshaler.
-func (s *Error) MarshalJSON() ([]byte, error) {
-	e := jx.Encoder{}
-	s.Encode(&e)
-	return e.Bytes(), nil
-}
-
-// UnmarshalJSON implements stdjson.Unmarshaler.
-func (s *Error) UnmarshalJSON(data []byte) error {
-	d := jx.DecodeBytes(data)
-	return s.Decode(d)
-}
-
-// Encode implements json.Marshaler.
-func (s *ID) Encode(e *jx.Encoder) {
-	e.ObjStart()
-	s.encodeFields(e)
-	e.ObjEnd()
-}
-
-// encodeFields encodes fields.
-func (s *ID) encodeFields(e *jx.Encoder) {
-	{
-		e.FieldStart("ID")
-		e.Int64(s.ID)
-	}
-}
-
-var jsonFieldsNameOfID = [1]string{
-	0: "ID",
-}
-
-// Decode decodes ID from json.
-func (s *ID) Decode(d *jx.Decoder) error {
-	if s == nil {
-		return errors.New("invalid: unable to decode ID to nil")
-	}
-	var requiredBitSet [1]uint8
-
-	if err := d.ObjBytes(func(d *jx.Decoder, k []byte) error {
-		switch string(k) {
-		case "ID":
-			requiredBitSet[0] |= 1 << 0
-			if err := func() error {
-				v, err := d.Int64()
-				s.ID = int64(v)
-				if err != nil {
-					return err
-				}
-				return nil
-			}(); err != nil {
-				return errors.Wrap(err, "decode field \"ID\"")
-			}
-		default:
-			return d.Skip()
-		}
-		return nil
-	}); err != nil {
-		return errors.Wrap(err, "decode ID")
-	}
-	// Validate required fields.
-	var failures []validate.FieldError
-	for i, mask := range [1]uint8{
-		0b00000001,
-	} {
-		if result := (requiredBitSet[i] & mask) ^ mask; result != 0 {
-			// Mask only required fields and check equality to mask using XOR.
-			//
-			// If XOR result is not zero, result is not equal to expected, so some fields are missed.
-			// Bits of fields which would be set are actually bits of missed fields.
-			missed := bits.OnesCount8(result)
-			for bitN := 0; bitN < missed; bitN++ {
-				bitIdx := bits.TrailingZeros8(result)
-				fieldIdx := i*8 + bitIdx
-				var name string
-				if fieldIdx < len(jsonFieldsNameOfID) {
-					name = jsonFieldsNameOfID[fieldIdx]
-				} else {
-					name = strconv.Itoa(fieldIdx)
-				}
-				failures = append(failures, validate.FieldError{
-					Name:  name,
-					Error: validate.ErrFieldRequired,
-				})
-				// Reset bit.
-				result &^= 1 << bitIdx
-			}
-		}
-	}
-	if len(failures) > 0 {
-		return &validate.Error{Fields: failures}
-	}
-
-	return nil
-}
-
-// MarshalJSON implements stdjson.Marshaler.
-func (s *ID) MarshalJSON() ([]byte, error) {
-	e := jx.Encoder{}
-	s.Encode(&e)
-	return e.Bytes(), nil
-}
-
-// UnmarshalJSON implements stdjson.Unmarshaler.
-func (s *ID) UnmarshalJSON(data []byte) error {
-	d := jx.DecodeBytes(data)
-	return s.Decode(d)
-}
-
-// Encode encodes int64 as json.
-func (o OptInt64) Encode(e *jx.Encoder) {
-	if !o.Set {
-		return
-	}
-	e.Int64(int64(o.Value))
-}
-
-// Decode decodes int64 from json.
-func (o *OptInt64) Decode(d *jx.Decoder) error {
-	if o == nil {
-		return errors.New("invalid: unable to decode OptInt64 to nil")
-	}
-	o.Set = true
-	v, err := d.Int64()
-	if err != nil {
-		return err
-	}
-	o.Value = int64(v)
-	return nil
-}
-
-// MarshalJSON implements stdjson.Marshaler.
-func (s OptInt64) MarshalJSON() ([]byte, error) {
-	e := jx.Encoder{}
-	s.Encode(&e)
-	return e.Bytes(), nil
-}
-
-// UnmarshalJSON implements stdjson.Unmarshaler.
-func (s *OptInt64) UnmarshalJSON(data []byte) error {
-	d := jx.DecodeBytes(data)
-	return s.Decode(d)
-}
-
-// Encode implements json.Marshaler.
-func (s *Script) Encode(e *jx.Encoder) {
-	e.ObjStart()
-	s.encodeFields(e)
-	e.ObjEnd()
-}
-
-// encodeFields encodes fields.
-func (s *Script) encodeFields(e *jx.Encoder) {
-	{
-		e.FieldStart("ID")
-		e.Int64(s.ID)
-	}
-	{
-		e.FieldStart("Name")
-		e.Str(s.Name)
-	}
-	{
-		e.FieldStart("Hash")
-		e.Str(s.Hash)
-	}
-	{
-		e.FieldStart("Source")
-		e.Str(s.Source)
-	}
-	{
-		e.FieldStart("ResourceType")
-		e.Int32(s.ResourceType)
-	}
-	{
-		e.FieldStart("ResourceID")
-		e.Int64(s.ResourceID)
-	}
-}
-
-var jsonFieldsNameOfScript = [6]string{
-	0: "ID",
-	1: "Name",
-	2: "Hash",
-	3: "Source",
-	4: "ResourceType",
-	5: "ResourceID",
-}
-
-// Decode decodes Script from json.
-func (s *Script) Decode(d *jx.Decoder) error {
-	if s == nil {
-		return errors.New("invalid: unable to decode Script to nil")
-	}
-	var requiredBitSet [1]uint8
-
-	if err := d.ObjBytes(func(d *jx.Decoder, k []byte) error {
-		switch string(k) {
-		case "ID":
-			requiredBitSet[0] |= 1 << 0
-			if err := func() error {
-				v, err := d.Int64()
-				s.ID = int64(v)
-				if err != nil {
-					return err
-				}
-				return nil
-			}(); err != nil {
-				return errors.Wrap(err, "decode field \"ID\"")
-			}
-		case "Name":
-			requiredBitSet[0] |= 1 << 1
-			if err := func() error {
-				v, err := d.Str()
-				s.Name = string(v)
-				if err != nil {
-					return err
-				}
-				return nil
-			}(); err != nil {
-				return errors.Wrap(err, "decode field \"Name\"")
-			}
-		case "Hash":
-			requiredBitSet[0] |= 1 << 2
-			if err := func() error {
-				v, err := d.Str()
-				s.Hash = string(v)
-				if err != nil {
-					return err
-				}
-				return nil
-			}(); err != nil {
-				return errors.Wrap(err, "decode field \"Hash\"")
-			}
-		case "Source":
-			requiredBitSet[0] |= 1 << 3
-			if err := func() error {
-				v, err := d.Str()
-				s.Source = string(v)
-				if err != nil {
-					return err
-				}
-				return nil
-			}(); err != nil {
-				return errors.Wrap(err, "decode field \"Source\"")
-			}
-		case "ResourceType":
-			requiredBitSet[0] |= 1 << 4
-			if err := func() error {
-				v, err := d.Int32()
-				s.ResourceType = int32(v)
-				if err != nil {
-					return err
-				}
-				return nil
-			}(); err != nil {
-				return errors.Wrap(err, "decode field \"ResourceType\"")
-			}
-		case "ResourceID":
-			requiredBitSet[0] |= 1 << 5
-			if err := func() error {
-				v, err := d.Int64()
-				s.ResourceID = int64(v)
-				if err != nil {
-					return err
-				}
-				return nil
-			}(); err != nil {
-				return errors.Wrap(err, "decode field \"ResourceID\"")
-			}
-		default:
-			return d.Skip()
-		}
-		return nil
-	}); err != nil {
-		return errors.Wrap(err, "decode Script")
-	}
-	// Validate required fields.
-	var failures []validate.FieldError
-	for i, mask := range [1]uint8{
-		0b00111111,
-	} {
-		if result := (requiredBitSet[i] & mask) ^ mask; result != 0 {
-			// Mask only required fields and check equality to mask using XOR.
-			//
-			// If XOR result is not zero, result is not equal to expected, so some fields are missed.
-			// Bits of fields which would be set are actually bits of missed fields.
-			missed := bits.OnesCount8(result)
-			for bitN := 0; bitN < missed; bitN++ {
-				bitIdx := bits.TrailingZeros8(result)
-				fieldIdx := i*8 + bitIdx
-				var name string
-				if fieldIdx < len(jsonFieldsNameOfScript) {
-					name = jsonFieldsNameOfScript[fieldIdx]
-				} else {
-					name = strconv.Itoa(fieldIdx)
-				}
-				failures = append(failures, validate.FieldError{
-					Name:  name,
-					Error: validate.ErrFieldRequired,
-				})
-				// Reset bit.
-				result &^= 1 << bitIdx
-			}
-		}
-	}
-	if len(failures) > 0 {
-		return &validate.Error{Fields: failures}
-	}
-
-	return nil
-}
-
-// MarshalJSON implements stdjson.Marshaler.
-func (s *Script) MarshalJSON() ([]byte, error) {
-	e := jx.Encoder{}
-	s.Encode(&e)
-	return e.Bytes(), nil
-}
-
-// UnmarshalJSON implements stdjson.Unmarshaler.
-func (s *Script) UnmarshalJSON(data []byte) error {
-	d := jx.DecodeBytes(data)
-	return s.Decode(d)
-}
-
-// Encode implements json.Marshaler.
-func (s *ScriptCreate) Encode(e *jx.Encoder) {
-	e.ObjStart()
-	s.encodeFields(e)
-	e.ObjEnd()
-}
-
-// encodeFields encodes fields.
-func (s *ScriptCreate) encodeFields(e *jx.Encoder) {
-	{
-		e.FieldStart("Name")
-		e.Str(s.Name)
-	}
-	{
-		e.FieldStart("Source")
-		e.Str(s.Source)
-	}
-	{
-		e.FieldStart("ResourceType")
-		e.Int32(s.ResourceType)
-	}
-	{
-		if s.ResourceID.Set {
-			e.FieldStart("ResourceID")
-			s.ResourceID.Encode(e)
-		}
-	}
-}
-
-var jsonFieldsNameOfScriptCreate = [4]string{
-	0: "Name",
-	1: "Source",
-	2: "ResourceType",
-	3: "ResourceID",
-}
-
-// Decode decodes ScriptCreate from json.
-func (s *ScriptCreate) Decode(d *jx.Decoder) error {
-	if s == nil {
-		return errors.New("invalid: unable to decode ScriptCreate to nil")
-	}
-	var requiredBitSet [1]uint8
-
-	if err := d.ObjBytes(func(d *jx.Decoder, k []byte) error {
-		switch string(k) {
-		case "Name":
-			requiredBitSet[0] |= 1 << 0
-			if err := func() error {
-				v, err := d.Str()
-				s.Name = string(v)
-				if err != nil {
-					return err
-				}
-				return nil
-			}(); err != nil {
-				return errors.Wrap(err, "decode field \"Name\"")
-			}
-		case "Source":
-			requiredBitSet[0] |= 1 << 1
-			if err := func() error {
-				v, err := d.Str()
-				s.Source = string(v)
-				if err != nil {
-					return err
-				}
-				return nil
-			}(); err != nil {
-				return errors.Wrap(err, "decode field \"Source\"")
-			}
-		case "ResourceType":
-			requiredBitSet[0] |= 1 << 2
-			if err := func() error {
-				v, err := d.Int32()
-				s.ResourceType = int32(v)
-				if err != nil {
-					return err
-				}
-				return nil
-			}(); err != nil {
-				return errors.Wrap(err, "decode field \"ResourceType\"")
-			}
-		case "ResourceID":
-			if err := func() error {
-				s.ResourceID.Reset()
-				if err := s.ResourceID.Decode(d); err != nil {
-					return err
-				}
-				return nil
-			}(); err != nil {
-				return errors.Wrap(err, "decode field \"ResourceID\"")
-			}
-		default:
-			return d.Skip()
-		}
-		return nil
-	}); err != nil {
-		return errors.Wrap(err, "decode ScriptCreate")
-	}
-	// Validate required fields.
-	var failures []validate.FieldError
-	for i, mask := range [1]uint8{
-		0b00000111,
-	} {
-		if result := (requiredBitSet[i] & mask) ^ mask; result != 0 {
-			// Mask only required fields and check equality to mask using XOR.
-			//
-			// If XOR result is not zero, result is not equal to expected, so some fields are missed.
-			// Bits of fields which would be set are actually bits of missed fields.
-			missed := bits.OnesCount8(result)
-			for bitN := 0; bitN < missed; bitN++ {
-				bitIdx := bits.TrailingZeros8(result)
-				fieldIdx := i*8 + bitIdx
-				var name string
-				if fieldIdx < len(jsonFieldsNameOfScriptCreate) {
-					name = jsonFieldsNameOfScriptCreate[fieldIdx]
-				} else {
-					name = strconv.Itoa(fieldIdx)
-				}
-				failures = append(failures, validate.FieldError{
-					Name:  name,
-					Error: validate.ErrFieldRequired,
-				})
-				// Reset bit.
-				result &^= 1 << bitIdx
-			}
-		}
-	}
-	if len(failures) > 0 {
-		return &validate.Error{Fields: failures}
-	}
-
-	return nil
-}
-
-// MarshalJSON implements stdjson.Marshaler.
-func (s *ScriptCreate) MarshalJSON() ([]byte, error) {
-	e := jx.Encoder{}
-	s.Encode(&e)
-	return e.Bytes(), nil
-}
-
-// UnmarshalJSON implements stdjson.Unmarshaler.
-func (s *ScriptCreate) UnmarshalJSON(data []byte) error {
-	d := jx.DecodeBytes(data)
-	return s.Decode(d)
-}
-
-// Encode implements json.Marshaler.
-func (s *ScriptPolicy) Encode(e *jx.Encoder) {
-	e.ObjStart()
-	s.encodeFields(e)
-	e.ObjEnd()
-}
-
-// encodeFields encodes fields.
-func (s *ScriptPolicy) encodeFields(e *jx.Encoder) {
-	{
-		e.FieldStart("ID")
-		e.Int64(s.ID)
-	}
-	{
-		e.FieldStart("FromScriptHash")
-		e.Str(s.FromScriptHash)
-	}
-	{
-		e.FieldStart("ToScriptID")
-		e.Int64(s.ToScriptID)
-	}
-	{
-		e.FieldStart("Policy")
-		e.Int32(s.Policy)
-	}
-}
-
-var jsonFieldsNameOfScriptPolicy = [4]string{
-	0: "ID",
-	1: "FromScriptHash",
-	2: "ToScriptID",
-	3: "Policy",
-}
-
-// Decode decodes ScriptPolicy from json.
-func (s *ScriptPolicy) Decode(d *jx.Decoder) error {
-	if s == nil {
-		return errors.New("invalid: unable to decode ScriptPolicy to nil")
-	}
-	var requiredBitSet [1]uint8
-
-	if err := d.ObjBytes(func(d *jx.Decoder, k []byte) error {
-		switch string(k) {
-		case "ID":
-			requiredBitSet[0] |= 1 << 0
-			if err := func() error {
-				v, err := d.Int64()
-				s.ID = int64(v)
-				if err != nil {
-					return err
-				}
-				return nil
-			}(); err != nil {
-				return errors.Wrap(err, "decode field \"ID\"")
-			}
-		case "FromScriptHash":
-			requiredBitSet[0] |= 1 << 1
-			if err := func() error {
-				v, err := d.Str()
-				s.FromScriptHash = string(v)
-				if err != nil {
-					return err
-				}
-				return nil
-			}(); err != nil {
-				return errors.Wrap(err, "decode field \"FromScriptHash\"")
-			}
-		case "ToScriptID":
-			requiredBitSet[0] |= 1 << 2
-			if err := func() error {
-				v, err := d.Int64()
-				s.ToScriptID = int64(v)
-				if err != nil {
-					return err
-				}
-				return nil
-			}(); err != nil {
-				return errors.Wrap(err, "decode field \"ToScriptID\"")
-			}
-		case "Policy":
-			requiredBitSet[0] |= 1 << 3
-			if err := func() error {
-				v, err := d.Int32()
-				s.Policy = int32(v)
-				if err != nil {
-					return err
-				}
-				return nil
-			}(); err != nil {
-				return errors.Wrap(err, "decode field \"Policy\"")
-			}
-		default:
-			return d.Skip()
-		}
-		return nil
-	}); err != nil {
-		return errors.Wrap(err, "decode ScriptPolicy")
-	}
-	// Validate required fields.
-	var failures []validate.FieldError
-	for i, mask := range [1]uint8{
-		0b00001111,
-	} {
-		if result := (requiredBitSet[i] & mask) ^ mask; result != 0 {
-			// Mask only required fields and check equality to mask using XOR.
-			//
-			// If XOR result is not zero, result is not equal to expected, so some fields are missed.
-			// Bits of fields which would be set are actually bits of missed fields.
-			missed := bits.OnesCount8(result)
-			for bitN := 0; bitN < missed; bitN++ {
-				bitIdx := bits.TrailingZeros8(result)
-				fieldIdx := i*8 + bitIdx
-				var name string
-				if fieldIdx < len(jsonFieldsNameOfScriptPolicy) {
-					name = jsonFieldsNameOfScriptPolicy[fieldIdx]
-				} else {
-					name = strconv.Itoa(fieldIdx)
-				}
-				failures = append(failures, validate.FieldError{
-					Name:  name,
-					Error: validate.ErrFieldRequired,
-				})
-				// Reset bit.
-				result &^= 1 << bitIdx
-			}
-		}
-	}
-	if len(failures) > 0 {
-		return &validate.Error{Fields: failures}
-	}
-
-	return nil
-}
-
-// MarshalJSON implements stdjson.Marshaler.
-func (s *ScriptPolicy) MarshalJSON() ([]byte, error) {
-	e := jx.Encoder{}
-	s.Encode(&e)
-	return e.Bytes(), nil
-}
-
-// UnmarshalJSON implements stdjson.Unmarshaler.
-func (s *ScriptPolicy) UnmarshalJSON(data []byte) error {
-	d := jx.DecodeBytes(data)
-	return s.Decode(d)
-}
-
-// Encode implements json.Marshaler.
-func (s *ScriptPolicyCreate) Encode(e *jx.Encoder) {
-	e.ObjStart()
-	s.encodeFields(e)
-	e.ObjEnd()
-}
-
-// encodeFields encodes fields.
-func (s *ScriptPolicyCreate) encodeFields(e *jx.Encoder) {
-	{
-		e.FieldStart("FromScriptID")
-		e.Int64(s.FromScriptID)
-	}
-	{
-		e.FieldStart("ToScriptID")
-		e.Int64(s.ToScriptID)
-	}
-	{
-		e.FieldStart("Policy")
-		e.Int32(s.Policy)
-	}
-}
-
-var jsonFieldsNameOfScriptPolicyCreate = [3]string{
-	0: "FromScriptID",
-	1: "ToScriptID",
-	2: "Policy",
-}
-
-// Decode decodes ScriptPolicyCreate from json.
-func (s *ScriptPolicyCreate) Decode(d *jx.Decoder) error {
-	if s == nil {
-		return errors.New("invalid: unable to decode ScriptPolicyCreate to nil")
-	}
-	var requiredBitSet [1]uint8
-
-	if err := d.ObjBytes(func(d *jx.Decoder, k []byte) error {
-		switch string(k) {
-		case "FromScriptID":
-			requiredBitSet[0] |= 1 << 0
-			if err := func() error {
-				v, err := d.Int64()
-				s.FromScriptID = int64(v)
-				if err != nil {
-					return err
-				}
-				return nil
-			}(); err != nil {
-				return errors.Wrap(err, "decode field \"FromScriptID\"")
-			}
-		case "ToScriptID":
-			requiredBitSet[0] |= 1 << 1
-			if err := func() error {
-				v, err := d.Int64()
-				s.ToScriptID = int64(v)
-				if err != nil {
-					return err
-				}
-				return nil
-			}(); err != nil {
-				return errors.Wrap(err, "decode field \"ToScriptID\"")
-			}
-		case "Policy":
-			requiredBitSet[0] |= 1 << 2
-			if err := func() error {
-				v, err := d.Int32()
-				s.Policy = int32(v)
-				if err != nil {
-					return err
-				}
-				return nil
-			}(); err != nil {
-				return errors.Wrap(err, "decode field \"Policy\"")
-			}
-		default:
-			return d.Skip()
-		}
-		return nil
-	}); err != nil {
-		return errors.Wrap(err, "decode ScriptPolicyCreate")
-	}
-	// Validate required fields.
-	var failures []validate.FieldError
-	for i, mask := range [1]uint8{
-		0b00000111,
-	} {
-		if result := (requiredBitSet[i] & mask) ^ mask; result != 0 {
-			// Mask only required fields and check equality to mask using XOR.
-			//
-			// If XOR result is not zero, result is not equal to expected, so some fields are missed.
-			// Bits of fields which would be set are actually bits of missed fields.
-			missed := bits.OnesCount8(result)
-			for bitN := 0; bitN < missed; bitN++ {
-				bitIdx := bits.TrailingZeros8(result)
-				fieldIdx := i*8 + bitIdx
-				var name string
-				if fieldIdx < len(jsonFieldsNameOfScriptPolicyCreate) {
-					name = jsonFieldsNameOfScriptPolicyCreate[fieldIdx]
-				} else {
-					name = strconv.Itoa(fieldIdx)
-				}
-				failures = append(failures, validate.FieldError{
-					Name:  name,
-					Error: validate.ErrFieldRequired,
-				})
-				// Reset bit.
-				result &^= 1 << bitIdx
-			}
-		}
-	}
-	if len(failures) > 0 {
-		return &validate.Error{Fields: failures}
-	}
-
-	return nil
-}
-
-// MarshalJSON implements stdjson.Marshaler.
-func (s *ScriptPolicyCreate) MarshalJSON() ([]byte, error) {
-	e := jx.Encoder{}
-	s.Encode(&e)
-	return e.Bytes(), nil
-}
-
-// UnmarshalJSON implements stdjson.Unmarshaler.
-func (s *ScriptPolicyCreate) UnmarshalJSON(data []byte) error {
-	d := jx.DecodeBytes(data)
-	return s.Decode(d)
-}
--- a/pkg/internal/oas_labeler_gen.go
+++ b/pkg/internal/oas_labeler_gen.go
@@ -1,42 +0,0 @@
-// Code generated by ogen, DO NOT EDIT.
-
-package api
-
-import (
-	"context"
-
-	"go.opentelemetry.io/otel/attribute"
-)
-
-// Labeler is used to allow adding custom attributes to the server request metrics.
-type Labeler struct {
-	attrs []attribute.KeyValue
-}
-
-// Add attributes to the Labeler.
-func (l *Labeler) Add(attrs ...attribute.KeyValue) {
-	l.attrs = append(l.attrs, attrs...)
-}
-
-// AttributeSet returns the attributes added to the Labeler as an attribute.Set.
-func (l *Labeler) AttributeSet() attribute.Set {
-	return attribute.NewSet(l.attrs...)
-}
-
-type labelerContextKey struct{}
-
-// LabelerFromContext retrieves the Labeler from the provided context, if present.
-//
-// If no Labeler was found in the provided context a new, empty Labeler is returned and the second
-// return value is false. In this case it is safe to use the Labeler but any attributes added to
-// it will not be used.
-func LabelerFromContext(ctx context.Context) (*Labeler, bool) {
-	if l, ok := ctx.Value(labelerContextKey{}).(*Labeler); ok {
-		return l, true
-	}
-	return &Labeler{}, false
-}
-
-func contextWithLabeler(ctx context.Context, l *Labeler) context.Context {
-	return context.WithValue(ctx, labelerContextKey{}, l)
-}
--- a/pkg/internal/oas_middleware_gen.go
+++ b/pkg/internal/oas_middleware_gen.go
@@ -1,10 +0,0 @@
-// Code generated by ogen, DO NOT EDIT.
-
-package api
-
-import (
-	"github.com/ogen-go/ogen/middleware"
-)
-
-// Middleware is middleware type.
-type Middleware = middleware.Middleware
--- a/pkg/internal/oas_operations_gen.go
+++ b/pkg/internal/oas_operations_gen.go
@@ -1,18 +0,0 @@
-// Code generated by ogen, DO NOT EDIT.
-
-package api
-
-// OperationName is the ogen operation name
-type OperationName = string
-
-const (
-	ActionSubmissionAcceptedOperation       OperationName = "ActionSubmissionAccepted"
-	ActionSubmissionUploadedOperation       OperationName = "ActionSubmissionUploaded"
-	ActionSubmissionValidatedOperation      OperationName = "ActionSubmissionValidated"
-	CreateScriptOperation                   OperationName = "CreateScript"
-	CreateScriptPolicyOperation             OperationName = "CreateScriptPolicy"
-	GetScriptOperation                      OperationName = "GetScript"
-	ListScriptPolicyOperation               OperationName = "ListScriptPolicy"
-	ListScriptsOperation                    OperationName = "ListScripts"
-	UpdateSubmissionValidatedModelOperation OperationName = "UpdateSubmissionValidatedModel"
-)
--- a/pkg/internal/oas_parameters_gen.go
+++ b/pkg/internal/oas_parameters_gen.go
--- a/pkg/internal/oas_request_decoders_gen.go
+++ b/pkg/internal/oas_request_decoders_gen.go
@@ -1,150 +0,0 @@
-// Code generated by ogen, DO NOT EDIT.
-
-package api
-
-import (
-	"io"
-	"mime"
-	"net/http"
-
-	"github.com/go-faster/errors"
-	"github.com/go-faster/jx"
-	"go.uber.org/multierr"
-
-	"github.com/ogen-go/ogen/ogenerrors"
-	"github.com/ogen-go/ogen/validate"
-)
-
-func (s *Server) decodeCreateScriptRequest(r *http.Request) (
-	req *ScriptCreate,
-	close func() error,
-	rerr error,
-) {
-	var closers []func() error
-	close = func() error {
-		var merr error
-		// Close in reverse order, to match defer behavior.
-		for i := len(closers) - 1; i >= 0; i-- {
-			c := closers[i]
-			merr = multierr.Append(merr, c())
-		}
-		return merr
-	}
-	defer func() {
-		if rerr != nil {
-			rerr = multierr.Append(rerr, close())
-		}
-	}()
-	ct, _, err := mime.ParseMediaType(r.Header.Get("Content-Type"))
-	if err != nil {
-		return req, close, errors.Wrap(err, "parse media type")
-	}
-	switch {
-	case ct == "application/json":
-		if r.ContentLength == 0 {
-			return req, close, validate.ErrBodyRequired
-		}
-		buf, err := io.ReadAll(r.Body)
-		if err != nil {
-			return req, close, err
-		}
-
-		if len(buf) == 0 {
-			return req, close, validate.ErrBodyRequired
-		}
-
-		d := jx.DecodeBytes(buf)
-
-		var request ScriptCreate
-		if err := func() error {
-			if err := request.Decode(d); err != nil {
-				return err
-			}
-			if err := d.Skip(); err != io.EOF {
-				return errors.New("unexpected trailing data")
-			}
-			return nil
-		}(); err != nil {
-			err = &ogenerrors.DecodeBodyError{
-				ContentType: ct,
-				Body:        buf,
-				Err:         err,
-			}
-			return req, close, err
-		}
-		if err := func() error {
-			if err := request.Validate(); err != nil {
-				return err
-			}
-			return nil
-		}(); err != nil {
-			return req, close, errors.Wrap(err, "validate")
-		}
-		return &request, close, nil
-	default:
-		return req, close, validate.InvalidContentType(ct)
-	}
-}
-
-func (s *Server) decodeCreateScriptPolicyRequest(r *http.Request) (
-	req *ScriptPolicyCreate,
-	close func() error,
-	rerr error,
-) {
-	var closers []func() error
-	close = func() error {
-		var merr error
-		// Close in reverse order, to match defer behavior.
-		for i := len(closers) - 1; i >= 0; i-- {
-			c := closers[i]
-			merr = multierr.Append(merr, c())
-		}
-		return merr
-	}
-	defer func() {
-		if rerr != nil {
-			rerr = multierr.Append(rerr, close())
-		}
-	}()
-	ct, _, err := mime.ParseMediaType(r.Header.Get("Content-Type"))
-	if err != nil {
-		return req, close, errors.Wrap(err, "parse media type")
-	}
-	switch {
-	case ct == "application/json":
-		if r.ContentLength == 0 {
-			return req, close, validate.ErrBodyRequired
-		}
-		buf, err := io.ReadAll(r.Body)
-		if err != nil {
-			return req, close, err
-		}
-
-		if len(buf) == 0 {
-			return req, close, validate.ErrBodyRequired
-		}
-
-		d := jx.DecodeBytes(buf)
-
-		var request ScriptPolicyCreate
-		if err := func() error {
-			if err := request.Decode(d); err != nil {
-				return err
-			}
-			if err := d.Skip(); err != io.EOF {
-				return errors.New("unexpected trailing data")
-			}
-			return nil
-		}(); err != nil {
-			err = &ogenerrors.DecodeBodyError{
-				ContentType: ct,
-				Body:        buf,
-				Err:         err,
-			}
-			return req, close, err
-		}
-		return &request, close, nil
-	default:
-		return req, close, validate.InvalidContentType(ct)
-	}
-}
--- a/pkg/internal/oas_request_encoders_gen.go
+++ b/pkg/internal/oas_request_encoders_gen.go
@@ -1,40 +0,0 @@
-// Code generated by ogen, DO NOT EDIT.
-
-package api
-
-import (
-	"bytes"
-	"net/http"
-
-	"github.com/go-faster/jx"
-
-	ht "github.com/ogen-go/ogen/http"
-)
-
-func encodeCreateScriptRequest(
-	req *ScriptCreate,
-	r *http.Request,
-) error {
-	const contentType = "application/json"
-	e := new(jx.Encoder)
-	{
-		req.Encode(e)
-	}
-	encoded := e.Bytes()
-	ht.SetBody(r, bytes.NewReader(encoded), contentType)
-	return nil
-}
-
-func encodeCreateScriptPolicyRequest(
-	req *ScriptPolicyCreate,
-	r *http.Request,
-) error {
-	const contentType = "application/json"
-	e := new(jx.Encoder)
-	{
-		req.Encode(e)
-	}
-	encoded := e.Bytes()
-	ht.SetBody(r, bytes.NewReader(encoded), contentType)
-	return nil
-}
--- a/pkg/internal/oas_response_decoders_gen.go
+++ b/pkg/internal/oas_response_decoders_gen.go
@@ -1,712 +0,0 @@
-// Code generated by ogen, DO NOT EDIT.
-
-package api
-
-import (
-	"fmt"
-	"io"
-	"mime"
-	"net/http"
-
-	"github.com/go-faster/errors"
-	"github.com/go-faster/jx"
-
-	"github.com/ogen-go/ogen/ogenerrors"
-	"github.com/ogen-go/ogen/validate"
-)
-
-func decodeActionSubmissionAcceptedResponse(resp *http.Response) (res *ActionSubmissionAcceptedNoContent, _ error) {
-	switch resp.StatusCode {
-	case 204:
-		// Code 204.
-		return &ActionSubmissionAcceptedNoContent{}, nil
-	}
-	// Convenient error response.
-	defRes, err := func() (res *ErrorStatusCode, err error) {
-		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
-		if err != nil {
-			return res, errors.Wrap(err, "parse media type")
-		}
-		switch {
-		case ct == "application/json":
-			buf, err := io.ReadAll(resp.Body)
-			if err != nil {
-				return res, err
-			}
-			d := jx.DecodeBytes(buf)
-
-			var response Error
-			if err := func() error {
-				if err := response.Decode(d); err != nil {
-					return err
-				}
-				if err := d.Skip(); err != io.EOF {
-					return errors.New("unexpected trailing data")
-				}
-				return nil
-			}(); err != nil {
-				err = &ogenerrors.DecodeBodyError{
-					ContentType: ct,
-					Body:        buf,
-					Err:         err,
-				}
-				return res, err
-			}
-			return &ErrorStatusCode{
-				StatusCode: resp.StatusCode,
-				Response:   response,
-			}, nil
-		default:
-			return res, validate.InvalidContentType(ct)
-		}
-	}()
-	if err != nil {
-		return res, errors.Wrapf(err, "default (code %d)", resp.StatusCode)
-	}
-	return res, errors.Wrap(defRes, "error")
-}
-
-func decodeActionSubmissionUploadedResponse(resp *http.Response) (res *ActionSubmissionUploadedNoContent, _ error) {
-	switch resp.StatusCode {
-	case 204:
-		// Code 204.
-		return &ActionSubmissionUploadedNoContent{}, nil
-	}
-	// Convenient error response.
-	defRes, err := func() (res *ErrorStatusCode, err error) {
-		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
-		if err != nil {
-			return res, errors.Wrap(err, "parse media type")
-		}
-		switch {
-		case ct == "application/json":
-			buf, err := io.ReadAll(resp.Body)
-			if err != nil {
-				return res, err
-			}
-			d := jx.DecodeBytes(buf)
-
-			var response Error
-			if err := func() error {
-				if err := response.Decode(d); err != nil {
-					return err
-				}
-				if err := d.Skip(); err != io.EOF {
-					return errors.New("unexpected trailing data")
-				}
-				return nil
-			}(); err != nil {
-				err = &ogenerrors.DecodeBodyError{
-					ContentType: ct,
-					Body:        buf,
-					Err:         err,
-				}
-				return res, err
-			}
-			return &ErrorStatusCode{
-				StatusCode: resp.StatusCode,
-				Response:   response,
-			}, nil
-		default:
-			return res, validate.InvalidContentType(ct)
-		}
-	}()
-	if err != nil {
-		return res, errors.Wrapf(err, "default (code %d)", resp.StatusCode)
-	}
-	return res, errors.Wrap(defRes, "error")
-}
-
-func decodeActionSubmissionValidatedResponse(resp *http.Response) (res *ActionSubmissionValidatedNoContent, _ error) {
-	switch resp.StatusCode {
-	case 204:
-		// Code 204.
-		return &ActionSubmissionValidatedNoContent{}, nil
-	}
-	// Convenient error response.
-	defRes, err := func() (res *ErrorStatusCode, err error) {
-		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
-		if err != nil {
-			return res, errors.Wrap(err, "parse media type")
-		}
-		switch {
-		case ct == "application/json":
-			buf, err := io.ReadAll(resp.Body)
-			if err != nil {
-				return res, err
-			}
-			d := jx.DecodeBytes(buf)
-
-			var response Error
-			if err := func() error {
-				if err := response.Decode(d); err != nil {
-					return err
-				}
-				if err := d.Skip(); err != io.EOF {
-					return errors.New("unexpected trailing data")
-				}
-				return nil
-			}(); err != nil {
-				err = &ogenerrors.DecodeBodyError{
-					ContentType: ct,
-					Body:        buf,
-					Err:         err,
-				}
-				return res, err
-			}
-			return &ErrorStatusCode{
-				StatusCode: resp.StatusCode,
-				Response:   response,
-			}, nil
-		default:
-			return res, validate.InvalidContentType(ct)
-		}
-	}()
-	if err != nil {
-		return res, errors.Wrapf(err, "default (code %d)", resp.StatusCode)
-	}
-	return res, errors.Wrap(defRes, "error")
-}
-
-func decodeCreateScriptResponse(resp *http.Response) (res *ID, _ error) {
-	switch resp.StatusCode {
-	case 201:
-		// Code 201.
-		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
-		if err != nil {
-			return res, errors.Wrap(err, "parse media type")
-		}
-		switch {
-		case ct == "application/json":
-			buf, err := io.ReadAll(resp.Body)
-			if err != nil {
-				return res, err
-			}
-			d := jx.DecodeBytes(buf)
-
-			var response ID
-			if err := func() error {
-				if err := response.Decode(d); err != nil {
-					return err
-				}
-				if err := d.Skip(); err != io.EOF {
-					return errors.New("unexpected trailing data")
-				}
-				return nil
-			}(); err != nil {
-				err = &ogenerrors.DecodeBodyError{
-					ContentType: ct,
-					Body:        buf,
-					Err:         err,
-				}
-				return res, err
-			}
-			return &response, nil
-		default:
-			return res, validate.InvalidContentType(ct)
-		}
-	}
-	// Convenient error response.
-	defRes, err := func() (res *ErrorStatusCode, err error) {
-		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
-		if err != nil {
-			return res, errors.Wrap(err, "parse media type")
-		}
-		switch {
-		case ct == "application/json":
-			buf, err := io.ReadAll(resp.Body)
-			if err != nil {
-				return res, err
-			}
-			d := jx.DecodeBytes(buf)
-
-			var response Error
-			if err := func() error {
-				if err := response.Decode(d); err != nil {
-					return err
-				}
-				if err := d.Skip(); err != io.EOF {
-					return errors.New("unexpected trailing data")
-				}
-				return nil
-			}(); err != nil {
-				err = &ogenerrors.DecodeBodyError{
-					ContentType: ct,
-					Body:        buf,
-					Err:         err,
-				}
-				return res, err
-			}
-			return &ErrorStatusCode{
-				StatusCode: resp.StatusCode,
-				Response:   response,
-			}, nil
-		default:
-			return res, validate.InvalidContentType(ct)
-		}
-	}()
-	if err != nil {
-		return res, errors.Wrapf(err, "default (code %d)", resp.StatusCode)
-	}
-	return res, errors.Wrap(defRes, "error")
-}
-
-func decodeCreateScriptPolicyResponse(resp *http.Response) (res *ID, _ error) {
-	switch resp.StatusCode {
-	case 201:
-		// Code 201.
-		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
-		if err != nil {
-			return res, errors.Wrap(err, "parse media type")
-		}
-		switch {
-		case ct == "application/json":
-			buf, err := io.ReadAll(resp.Body)
-			if err != nil {
-				return res, err
-			}
-			d := jx.DecodeBytes(buf)
-
-			var response ID
-			if err := func() error {
-				if err := response.Decode(d); err != nil {
-					return err
-				}
-				if err := d.Skip(); err != io.EOF {
-					return errors.New("unexpected trailing data")
-				}
-				return nil
-			}(); err != nil {
-				err = &ogenerrors.DecodeBodyError{
-					ContentType: ct,
-					Body:        buf,
-					Err:         err,
-				}
-				return res, err
-			}
-			return &response, nil
-		default:
-			return res, validate.InvalidContentType(ct)
-		}
-	}
-	// Convenient error response.
-	defRes, err := func() (res *ErrorStatusCode, err error) {
-		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
-		if err != nil {
-			return res, errors.Wrap(err, "parse media type")
-		}
-		switch {
-		case ct == "application/json":
-			buf, err := io.ReadAll(resp.Body)
-			if err != nil {
-				return res, err
-			}
-			d := jx.DecodeBytes(buf)
-
-			var response Error
-			if err := func() error {
-				if err := response.Decode(d); err != nil {
-					return err
-				}
-				if err := d.Skip(); err != io.EOF {
-					return errors.New("unexpected trailing data")
-				}
-				return nil
-			}(); err != nil {
-				err = &ogenerrors.DecodeBodyError{
-					ContentType: ct,
-					Body:        buf,
-					Err:         err,
-				}
-				return res, err
-			}
-			return &ErrorStatusCode{
-				StatusCode: resp.StatusCode,
-				Response:   response,
-			}, nil
-		default:
-			return res, validate.InvalidContentType(ct)
-		}
-	}()
-	if err != nil {
-		return res, errors.Wrapf(err, "default (code %d)", resp.StatusCode)
-	}
-	return res, errors.Wrap(defRes, "error")
-}
-
-func decodeGetScriptResponse(resp *http.Response) (res *Script, _ error) {
-	switch resp.StatusCode {
-	case 200:
-		// Code 200.
-		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
-		if err != nil {
-			return res, errors.Wrap(err, "parse media type")
-		}
-		switch {
-		case ct == "application/json":
-			buf, err := io.ReadAll(resp.Body)
-			if err != nil {
-				return res, err
-			}
-			d := jx.DecodeBytes(buf)
-
-			var response Script
-			if err := func() error {
-				if err := response.Decode(d); err != nil {
-					return err
-				}
-				if err := d.Skip(); err != io.EOF {
-					return errors.New("unexpected trailing data")
-				}
-				return nil
-			}(); err != nil {
-				err = &ogenerrors.DecodeBodyError{
-					ContentType: ct,
-					Body:        buf,
-					Err:         err,
-				}
-				return res, err
-			}
-			// Validate response.
-			if err := func() error {
-				if err := response.Validate(); err != nil {
-					return err
-				}
-				return nil
-			}(); err != nil {
-				return res, errors.Wrap(err, "validate")
-			}
-			return &response, nil
-		default:
-			return res, validate.InvalidContentType(ct)
-		}
-	}
-	// Convenient error response.
-	defRes, err := func() (res *ErrorStatusCode, err error) {
-		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
-		if err != nil {
-			return res, errors.Wrap(err, "parse media type")
-		}
-		switch {
-		case ct == "application/json":
-			buf, err := io.ReadAll(resp.Body)
-			if err != nil {
-				return res, err
-			}
-			d := jx.DecodeBytes(buf)
-
-			var response Error
-			if err := func() error {
-				if err := response.Decode(d); err != nil {
-					return err
-				}
-				if err := d.Skip(); err != io.EOF {
-					return errors.New("unexpected trailing data")
-				}
-				return nil
-			}(); err != nil {
-				err = &ogenerrors.DecodeBodyError{
-					ContentType: ct,
-					Body:        buf,
-					Err:         err,
-				}
-				return res, err
-			}
-			return &ErrorStatusCode{
-				StatusCode: resp.StatusCode,
-				Response:   response,
-			}, nil
-		default:
-			return res, validate.InvalidContentType(ct)
-		}
-	}()
-	if err != nil {
-		return res, errors.Wrapf(err, "default (code %d)", resp.StatusCode)
-	}
-	return res, errors.Wrap(defRes, "error")
-}
-
-func decodeListScriptPolicyResponse(resp *http.Response) (res []ScriptPolicy, _ error) {
-	switch resp.StatusCode {
-	case 200:
-		// Code 200.
-		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
-		if err != nil {
-			return res, errors.Wrap(err, "parse media type")
-		}
-		switch {
-		case ct == "application/json":
-			buf, err := io.ReadAll(resp.Body)
-			if err != nil {
-				return res, err
-			}
-			d := jx.DecodeBytes(buf)
-
-			var response []ScriptPolicy
-			if err := func() error {
-				response = make([]ScriptPolicy, 0)
-				if err := d.Arr(func(d *jx.Decoder) error {
-					var elem ScriptPolicy
-					if err := elem.Decode(d); err != nil {
-						return err
-					}
-					response = append(response, elem)
-					return nil
-				}); err != nil {
-					return err
-				}
-				if err := d.Skip(); err != io.EOF {
-					return errors.New("unexpected trailing data")
-				}
-				return nil
-			}(); err != nil {
-				err = &ogenerrors.DecodeBodyError{
-					ContentType: ct,
-					Body:        buf,
-					Err:         err,
-				}
-				return res, err
-			}
-			// Validate response.
-			if err := func() error {
-				if response == nil {
-					return errors.New("nil is invalid value")
-				}
-				var failures []validate.FieldError
-				for i, elem := range response {
-					if err := func() error {
-						if err := elem.Validate(); err != nil {
-							return err
-						}
-						return nil
-					}(); err != nil {
-						failures = append(failures, validate.FieldError{
-							Name:  fmt.Sprintf("[%d]", i),
-							Error: err,
-						})
-					}
-				}
-				if len(failures) > 0 {
-					return &validate.Error{Fields: failures}
-				}
-				return nil
-			}(); err != nil {
-				return res, errors.Wrap(err, "validate")
-			}
-			return response, nil
-		default:
-			return res, validate.InvalidContentType(ct)
-		}
-	}
-	// Convenient error response.
-	defRes, err := func() (res *ErrorStatusCode, err error) {
-		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
-		if err != nil {
-			return res, errors.Wrap(err, "parse media type")
-		}
-		switch {
-		case ct == "application/json":
-			buf, err := io.ReadAll(resp.Body)
-			if err != nil {
-				return res, err
-			}
-			d := jx.DecodeBytes(buf)
-
-			var response Error
-			if err := func() error {
-				if err := response.Decode(d); err != nil {
-					return err
-				}
-				if err := d.Skip(); err != io.EOF {
-					return errors.New("unexpected trailing data")
-				}
-				return nil
-			}(); err != nil {
-				err = &ogenerrors.DecodeBodyError{
-					ContentType: ct,
-					Body:        buf,
-					Err:         err,
-				}
-				return res, err
-			}
-			return &ErrorStatusCode{
-				StatusCode: resp.StatusCode,
-				Response:   response,
-			}, nil
-		default:
-			return res, validate.InvalidContentType(ct)
-		}
-	}()
-	if err != nil {
-		return res, errors.Wrapf(err, "default (code %d)", resp.StatusCode)
-	}
-	return res, errors.Wrap(defRes, "error")
-}
-
-func decodeListScriptsResponse(resp *http.Response) (res []Script, _ error) {
-	switch resp.StatusCode {
-	case 200:
-		// Code 200.
-		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
-		if err != nil {
-			return res, errors.Wrap(err, "parse media type")
-		}
-		switch {
-		case ct == "application/json":
-			buf, err := io.ReadAll(resp.Body)
-			if err != nil {
-				return res, err
-			}
-			d := jx.DecodeBytes(buf)
-
-			var response []Script
-			if err := func() error {
-				response = make([]Script, 0)
-				if err := d.Arr(func(d *jx.Decoder) error {
-					var elem Script
-					if err := elem.Decode(d); err != nil {
-						return err
-					}
-					response = append(response, elem)
-					return nil
-				}); err != nil {
-					return err
-				}
-				if err := d.Skip(); err != io.EOF {
-					return errors.New("unexpected trailing data")
-				}
-				return nil
-			}(); err != nil {
-				err = &ogenerrors.DecodeBodyError{
-					ContentType: ct,
-					Body:        buf,
-					Err:         err,
-				}
-				return res, err
-			}
-			// Validate response.
-			if err := func() error {
-				if response == nil {
-					return errors.New("nil is invalid value")
-				}
-				var failures []validate.FieldError
-				for i, elem := range response {
-					if err := func() error {
-						if err := elem.Validate(); err != nil {
-							return err
-						}
-						return nil
-					}(); err != nil {
-						failures = append(failures, validate.FieldError{
-							Name:  fmt.Sprintf("[%d]", i),
-							Error: err,
-						})
-					}
-				}
-				if len(failures) > 0 {
-					return &validate.Error{Fields: failures}
-				}
-				return nil
-			}(); err != nil {
-				return res, errors.Wrap(err, "validate")
-			}
-			return response, nil
-		default:
-			return res, validate.InvalidContentType(ct)
-		}
-	}
-	// Convenient error response.
-	defRes, err := func() (res *ErrorStatusCode, err error) {
-		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
-		if err != nil {
-			return res, errors.Wrap(err, "parse media type")
-		}
-		switch {
-		case ct == "application/json":
-			buf, err := io.ReadAll(resp.Body)
-			if err != nil {
-				return res, err
-			}
-			d := jx.DecodeBytes(buf)
-
-			var response Error
-			if err := func() error {
-				if err := response.Decode(d); err != nil {
-					return err
-				}
-				if err := d.Skip(); err != io.EOF {
-					return errors.New("unexpected trailing data")
-				}
-				return nil
-			}(); err != nil {
-				err = &ogenerrors.DecodeBodyError{
-					ContentType: ct,
-					Body:        buf,
-					Err:         err,
-				}
-				return res, err
-			}
-			return &ErrorStatusCode{
-				StatusCode: resp.StatusCode,
-				Response:   response,
-			}, nil
-		default:
-			return res, validate.InvalidContentType(ct)
-		}
-	}()
-	if err != nil {
-		return res, errors.Wrapf(err, "default (code %d)", resp.StatusCode)
-	}
-	return res, errors.Wrap(defRes, "error")
-}
-
-func decodeUpdateSubmissionValidatedModelResponse(resp *http.Response) (res *UpdateSubmissionValidatedModelNoContent, _ error) {
-	switch resp.StatusCode {
-	case 204:
-		// Code 204.
-		return &UpdateSubmissionValidatedModelNoContent{}, nil
-	}
-	// Convenient error response.
-	defRes, err := func() (res *ErrorStatusCode, err error) {
-		ct, _, err := mime.ParseMediaType(resp.Header.Get("Content-Type"))
-		if err != nil {
-			return res, errors.Wrap(err, "parse media type")
-		}
-		switch {
-		case ct == "application/json":
-			buf, err := io.ReadAll(resp.Body)
-			if err != nil {
-				return res, err
-			}
-			d := jx.DecodeBytes(buf)
-
-			var response Error
-			if err := func() error {
-				if err := response.Decode(d); err != nil {
-					return err
-				}
-				if err := d.Skip(); err != io.EOF {
-					return errors.New("unexpected trailing data")
-				}
-				return nil
-			}(); err != nil {
-				err = &ogenerrors.DecodeBodyError{
-					ContentType: ct,
-					Body:        buf,
-					Err:         err,
-				}
-				return res, err
-			}
-			return &ErrorStatusCode{
-				StatusCode: resp.StatusCode,
-				Response:   response,
-			}, nil
-		default:
-			return res, validate.InvalidContentType(ct)
-		}
-	}()
-	if err != nil {
-		return res, errors.Wrapf(err, "default (code %d)", resp.StatusCode)
-	}
-	return res, errors.Wrap(defRes, "error")
-}
--- a/pkg/internal/oas_response_encoders_gen.go
+++ b/pkg/internal/oas_response_encoders_gen.go
@@ -1,147 +0,0 @@
-// Code generated by ogen, DO NOT EDIT.
-
-package api
-
-import (
-	"net/http"
-
-	"github.com/go-faster/errors"
-	"github.com/go-faster/jx"
-	"go.opentelemetry.io/otel/codes"
-	"go.opentelemetry.io/otel/trace"
-
-	ht "github.com/ogen-go/ogen/http"
-)
-
-func encodeActionSubmissionAcceptedResponse(response *ActionSubmissionAcceptedNoContent, w http.ResponseWriter, span trace.Span) error {
-	w.WriteHeader(204)
-	span.SetStatus(codes.Ok, http.StatusText(204))
-
-	return nil
-}
-
-func encodeActionSubmissionUploadedResponse(response *ActionSubmissionUploadedNoContent, w http.ResponseWriter, span trace.Span) error {
-	w.WriteHeader(204)
-	span.SetStatus(codes.Ok, http.StatusText(204))
-
-	return nil
-}
-
-func encodeActionSubmissionValidatedResponse(response *ActionSubmissionValidatedNoContent, w http.ResponseWriter, span trace.Span) error {
-	w.WriteHeader(204)
-	span.SetStatus(codes.Ok, http.StatusText(204))
-
-	return nil
-}
-
-func encodeCreateScriptResponse(response *ID, w http.ResponseWriter, span trace.Span) error {
-	w.Header().Set("Content-Type", "application/json; charset=utf-8")
-	w.WriteHeader(201)
-	span.SetStatus(codes.Ok, http.StatusText(201))
-
-	e := new(jx.Encoder)
-	response.Encode(e)
-	if _, err := e.WriteTo(w); err != nil {
-		return errors.Wrap(err, "write")
-	}
-
-	return nil
-}
-
-func encodeCreateScriptPolicyResponse(response *ID, w http.ResponseWriter, span trace.Span) error {
-	w.Header().Set("Content-Type", "application/json; charset=utf-8")
-	w.WriteHeader(201)
-	span.SetStatus(codes.Ok, http.StatusText(201))
-
-	e := new(jx.Encoder)
-	response.Encode(e)
-	if _, err := e.WriteTo(w); err != nil {
-		return errors.Wrap(err, "write")
-	}
-
-	return nil
-}
-
-func encodeGetScriptResponse(response *Script, w http.ResponseWriter, span trace.Span) error {
-	w.Header().Set("Content-Type", "application/json; charset=utf-8")
-	w.WriteHeader(200)
-	span.SetStatus(codes.Ok, http.StatusText(200))
-
-	e := new(jx.Encoder)
-	response.Encode(e)
-	if _, err := e.WriteTo(w); err != nil {
-		return errors.Wrap(err, "write")
-	}
-
-	return nil
-}
-
-func encodeListScriptPolicyResponse(response []ScriptPolicy, w http.ResponseWriter, span trace.Span) error {
-	w.Header().Set("Content-Type", "application/json; charset=utf-8")
-	w.WriteHeader(200)
-	span.SetStatus(codes.Ok, http.StatusText(200))
-
-	e := new(jx.Encoder)
-	e.ArrStart()
-	for _, elem := range response {
-		elem.Encode(e)
-	}
-	e.ArrEnd()
-	if _, err := e.WriteTo(w); err != nil {
-		return errors.Wrap(err, "write")
-	}
-
-	return nil
-}
-
-func encodeListScriptsResponse(response []Script, w http.ResponseWriter, span trace.Span) error {
-	w.Header().Set("Content-Type", "application/json; charset=utf-8")
-	w.WriteHeader(200)
-	span.SetStatus(codes.Ok, http.StatusText(200))
-
-	e := new(jx.Encoder)
-	e.ArrStart()
-	for _, elem := range response {
-		elem.Encode(e)
-	}
-	e.ArrEnd()
-	if _, err := e.WriteTo(w); err != nil {
-		return errors.Wrap(err, "write")
-	}
-
-	return nil
-}
-
-func encodeUpdateSubmissionValidatedModelResponse(response *UpdateSubmissionValidatedModelNoContent, w http.ResponseWriter, span trace.Span) error {
-	w.WriteHeader(204)
-	span.SetStatus(codes.Ok, http.StatusText(204))
-
-	return nil
-}
-
-func encodeErrorResponse(response *ErrorStatusCode, w http.ResponseWriter, span trace.Span) error {
-	w.Header().Set("Content-Type", "application/json; charset=utf-8")
-	code := response.StatusCode
-	if code == 0 {
-		// Set default status code.
-		code = http.StatusOK
-	}
-	w.WriteHeader(code)
-	if st := http.StatusText(code); code >= http.StatusBadRequest {
-		span.SetStatus(codes.Error, st)
-	} else {
-		span.SetStatus(codes.Ok, st)
-	}
-
-	e := new(jx.Encoder)
-	response.Response.Encode(e)
-	if _, err := e.WriteTo(w); err != nil {
-		return errors.Wrap(err, "write")
-	}
-
-	if code >= http.StatusInternalServerError {
-		return errors.Wrapf(ht.ErrInternalServerErrorResponse, "code: %d, message: %s", code, http.StatusText(code))
-	}
-	return nil
-
-}
--- a/pkg/internal/oas_router_gen.go
+++ b/pkg/internal/oas_router_gen.go
@@ -1,651 +0,0 @@
-// Code generated by ogen, DO NOT EDIT.
-
-package api
-
-import (
-	"net/http"
-	"net/url"
-	"strings"
-
-	"github.com/ogen-go/ogen/uri"
-)
-
-func (s *Server) cutPrefix(path string) (string, bool) {
-	prefix := s.cfg.Prefix
-	if prefix == "" {
-		return path, true
-	}
-	if !strings.HasPrefix(path, prefix) {
-		// Prefix doesn't match.
-		return "", false
-	}
-	// Cut prefix from the path.
-	return strings.TrimPrefix(path, prefix), true
-}
-
-// ServeHTTP serves http request as defined by OpenAPI v3 specification,
-// calling handler that matches the path or returning not found error.
-func (s *Server) ServeHTTP(w http.ResponseWriter, r *http.Request) {
-	elem := r.URL.Path
-	elemIsEscaped := false
-	if rawPath := r.URL.RawPath; rawPath != "" {
-		if normalized, ok := uri.NormalizeEscapedPath(rawPath); ok {
-			elem = normalized
-			elemIsEscaped = strings.ContainsRune(elem, '%')
-		}
-	}
-
-	elem, ok := s.cutPrefix(elem)
-	if !ok || len(elem) == 0 {
-		s.notFound(w, r)
-		return
-	}
-	args := [1]string{}
-
-	// Static code generated router with unwrapped path search.
-	switch {
-	default:
-		if len(elem) == 0 {
-			break
-		}
-		switch elem[0] {
-		case '/': // Prefix: "/s"
-
-			if l := len("/s"); len(elem) >= l && elem[0:l] == "/s" {
-				elem = elem[l:]
-			} else {
-				break
-			}
-
-			if len(elem) == 0 {
-				break
-			}
-			switch elem[0] {
-			case 'c': // Prefix: "cript"
-
-				if l := len("cript"); len(elem) >= l && elem[0:l] == "cript" {
-					elem = elem[l:]
-				} else {
-					break
-				}
-
-				if len(elem) == 0 {
-					break
-				}
-				switch elem[0] {
-				case '-': // Prefix: "-policy"
-
-					if l := len("-policy"); len(elem) >= l && elem[0:l] == "-policy" {
-						elem = elem[l:]
-					} else {
-						break
-					}
-
-					if len(elem) == 0 {
-						// Leaf node.
-						switch r.Method {
-						case "GET":
-							s.handleListScriptPolicyRequest([0]string{}, elemIsEscaped, w, r)
-						case "POST":
-							s.handleCreateScriptPolicyRequest([0]string{}, elemIsEscaped, w, r)
-						default:
-							s.notAllowed(w, r, "GET,POST")
-						}
-
-						return
-					}
-
-				case 's': // Prefix: "s"
-
-					if l := len("s"); len(elem) >= l && elem[0:l] == "s" {
-						elem = elem[l:]
-					} else {
-						break
-					}
-
-					if len(elem) == 0 {
-						switch r.Method {
-						case "GET":
-							s.handleListScriptsRequest([0]string{}, elemIsEscaped, w, r)
-						case "POST":
-							s.handleCreateScriptRequest([0]string{}, elemIsEscaped, w, r)
-						default:
-							s.notAllowed(w, r, "GET,POST")
-						}
-
-						return
-					}
-					switch elem[0] {
-					case '/': // Prefix: "/"
-
-						if l := len("/"); len(elem) >= l && elem[0:l] == "/" {
-							elem = elem[l:]
-						} else {
-							break
-						}
-
-						// Param: "ScriptID"
-						// Leaf parameter, slashes are prohibited
-						idx := strings.IndexByte(elem, '/')
-						if idx >= 0 {
-							break
-						}
-						args[0] = elem
-						elem = ""
-
-						if len(elem) == 0 {
-							// Leaf node.
-							switch r.Method {
-							case "GET":
-								s.handleGetScriptRequest([1]string{
-									args[0],
-								}, elemIsEscaped, w, r)
-							default:
-								s.notAllowed(w, r, "GET")
-							}
-
-							return
-						}
-
-					}
-
-				}
-
-			case 'u': // Prefix: "ubmissions/"
-
-				if l := len("ubmissions/"); len(elem) >= l && elem[0:l] == "ubmissions/" {
-					elem = elem[l:]
-				} else {
-					break
-				}
-
-				// Param: "SubmissionID"
-				// Match until "/"
-				idx := strings.IndexByte(elem, '/')
-				if idx < 0 {
-					idx = len(elem)
-				}
-				args[0] = elem[:idx]
-				elem = elem[idx:]
-
-				if len(elem) == 0 {
-					break
-				}
-				switch elem[0] {
-				case '/': // Prefix: "/"
-
-					if l := len("/"); len(elem) >= l && elem[0:l] == "/" {
-						elem = elem[l:]
-					} else {
-						break
-					}
-
-					if len(elem) == 0 {
-						break
-					}
-					switch elem[0] {
-					case 's': // Prefix: "status/validator-"
-
-						if l := len("status/validator-"); len(elem) >= l && elem[0:l] == "status/validator-" {
-							elem = elem[l:]
-						} else {
-							break
-						}
-
-						if len(elem) == 0 {
-							break
-						}
-						switch elem[0] {
-						case 'f': // Prefix: "failed"
-
-							if l := len("failed"); len(elem) >= l && elem[0:l] == "failed" {
-								elem = elem[l:]
-							} else {
-								break
-							}
-
-							if len(elem) == 0 {
-								// Leaf node.
-								switch r.Method {
-								case "POST":
-									s.handleActionSubmissionAcceptedRequest([1]string{
-										args[0],
-									}, elemIsEscaped, w, r)
-								default:
-									s.notAllowed(w, r, "POST")
-								}
-
-								return
-							}
-
-						case 'u': // Prefix: "uploaded"
-
-							if l := len("uploaded"); len(elem) >= l && elem[0:l] == "uploaded" {
-								elem = elem[l:]
-							} else {
-								break
-							}
-
-							if len(elem) == 0 {
-								// Leaf node.
-								switch r.Method {
-								case "POST":
-									s.handleActionSubmissionUploadedRequest([1]string{
-										args[0],
-									}, elemIsEscaped, w, r)
-								default:
-									s.notAllowed(w, r, "POST")
-								}
-
-								return
-							}
-
-						case 'v': // Prefix: "validated"
-
-							if l := len("validated"); len(elem) >= l && elem[0:l] == "validated" {
-								elem = elem[l:]
-							} else {
-								break
-							}
-
-							if len(elem) == 0 {
-								// Leaf node.
-								switch r.Method {
-								case "POST":
-									s.handleActionSubmissionValidatedRequest([1]string{
-										args[0],
-									}, elemIsEscaped, w, r)
-								default:
-									s.notAllowed(w, r, "POST")
-								}
-
-								return
-							}
-
-						}
-
-					case 'v': // Prefix: "validated-model"
-
-						if l := len("validated-model"); len(elem) >= l && elem[0:l] == "validated-model" {
-							elem = elem[l:]
-						} else {
-							break
-						}
-
-						if len(elem) == 0 {
-							// Leaf node.
-							switch r.Method {
-							case "POST":
-								s.handleUpdateSubmissionValidatedModelRequest([1]string{
-									args[0],
-								}, elemIsEscaped, w, r)
-							default:
-								s.notAllowed(w, r, "POST")
-							}
-
-							return
-						}
-
-					}
-
-				}
-
-			}
-
-		}
-	}
-	s.notFound(w, r)
-}
-
-// Route is route object.
-type Route struct {
-	name        string
-	summary     string
-	operationID string
-	pathPattern string
-	count       int
-	args        [1]string
-}
-
-// Name returns ogen operation name.
-//
-// It is guaranteed to be unique and not empty.
-func (r Route) Name() string {
-	return r.name
-}
-
-// Summary returns OpenAPI summary.
-func (r Route) Summary() string {
-	return r.summary
-}
-
-// OperationID returns OpenAPI operationId.
-func (r Route) OperationID() string {
-	return r.operationID
-}
-
-// PathPattern returns OpenAPI path.
-func (r Route) PathPattern() string {
-	return r.pathPattern
-}
-
-// Args returns parsed arguments.
-func (r Route) Args() []string {
-	return r.args[:r.count]
-}
-
-// FindRoute finds Route for given method and path.
-//
-// Note: this method does not unescape path or handle reserved characters in path properly. Use FindPath instead.
-func (s *Server) FindRoute(method, path string) (Route, bool) {
-	return s.FindPath(method, &url.URL{Path: path})
-}
-
-// FindPath finds Route for given method and URL.
-func (s *Server) FindPath(method string, u *url.URL) (r Route, _ bool) {
-	var (
-		elem = u.Path
-		args = r.args
-	)
-	if rawPath := u.RawPath; rawPath != "" {
-		if normalized, ok := uri.NormalizeEscapedPath(rawPath); ok {
-			elem = normalized
-		}
-		defer func() {
-			for i, arg := range r.args[:r.count] {
-				if unescaped, err := url.PathUnescape(arg); err == nil {
-					r.args[i] = unescaped
-				}
-			}
-		}()
-	}
-
-	elem, ok := s.cutPrefix(elem)
-	if !ok {
-		return r, false
-	}
-
-	// Static code generated router with unwrapped path search.
-	switch {
-	default:
-		if len(elem) == 0 {
-			break
-		}
-		switch elem[0] {
-		case '/': // Prefix: "/s"
-
-			if l := len("/s"); len(elem) >= l && elem[0:l] == "/s" {
-				elem = elem[l:]
-			} else {
-				break
-			}
-
-			if len(elem) == 0 {
-				break
-			}
-			switch elem[0] {
-			case 'c': // Prefix: "cript"
-
-				if l := len("cript"); len(elem) >= l && elem[0:l] == "cript" {
-					elem = elem[l:]
-				} else {
-					break
-				}
-
-				if len(elem) == 0 {
-					break
-				}
-				switch elem[0] {
-				case '-': // Prefix: "-policy"
-
-					if l := len("-policy"); len(elem) >= l && elem[0:l] == "-policy" {
-						elem = elem[l:]
-					} else {
-						break
-					}
-
-					if len(elem) == 0 {
-						// Leaf node.
-						switch method {
-						case "GET":
-							r.name = ListScriptPolicyOperation
-							r.summary = "Get list of script policies"
-							r.operationID = "listScriptPolicy"
-							r.pathPattern = "/script-policy"
-							r.args = args
-							r.count = 0
-							return r, true
-						case "POST":
-							r.name = CreateScriptPolicyOperation
-							r.summary = "Create a new script policy"
-							r.operationID = "createScriptPolicy"
-							r.pathPattern = "/script-policy"
-							r.args = args
-							r.count = 0
-							return r, true
-						default:
-							return
-						}
-					}
-
-				case 's': // Prefix: "s"
-
-					if l := len("s"); len(elem) >= l && elem[0:l] == "s" {
-						elem = elem[l:]
-					} else {
-						break
-					}
-
-					if len(elem) == 0 {
-						switch method {
-						case "GET":
-							r.name = ListScriptsOperation
-							r.summary = "Get list of scripts"
-							r.operationID = "listScripts"
-							r.pathPattern = "/scripts"
-							r.args = args
-							r.count = 0
-							return r, true
-						case "POST":
-							r.name = CreateScriptOperation
-							r.summary = "Create a new script"
-							r.operationID = "createScript"
-							r.pathPattern = "/scripts"
-							r.args = args
-							r.count = 0
-							return r, true
-						default:
-							return
-						}
-					}
-					switch elem[0] {
-					case '/': // Prefix: "/"
-
-						if l := len("/"); len(elem) >= l && elem[0:l] == "/" {
-							elem = elem[l:]
-						} else {
-							break
-						}
-
-						// Param: "ScriptID"
-						// Leaf parameter, slashes are prohibited
-						idx := strings.IndexByte(elem, '/')
-						if idx >= 0 {
-							break
-						}
-						args[0] = elem
-						elem = ""
-
-						if len(elem) == 0 {
-							// Leaf node.
-							switch method {
-							case "GET":
-								r.name = GetScriptOperation
-								r.summary = "Get the specified script by ID"
-								r.operationID = "getScript"
-								r.pathPattern = "/scripts/{ScriptID}"
-								r.args = args
-								r.count = 1
-								return r, true
-							default:
-								return
-							}
-						}
-
-					}
-
-				}
-
-			case 'u': // Prefix: "ubmissions/"
-
-				if l := len("ubmissions/"); len(elem) >= l && elem[0:l] == "ubmissions/" {
-					elem = elem[l:]
-				} else {
-					break
-				}
-
-				// Param: "SubmissionID"
-				// Match until "/"
-				idx := strings.IndexByte(elem, '/')
-				if idx < 0 {
-					idx = len(elem)
-				}
-				args[0] = elem[:idx]
-				elem = elem[idx:]
-
-				if len(elem) == 0 {
-					break
-				}
-				switch elem[0] {
-				case '/': // Prefix: "/"
-
-					if l := len("/"); len(elem) >= l && elem[0:l] == "/" {
-						elem = elem[l:]
-					} else {
-						break
-					}
-
-					if len(elem) == 0 {
-						break
-					}
-					switch elem[0] {
-					case 's': // Prefix: "status/validator-"
-
-						if l := len("status/validator-"); len(elem) >= l && elem[0:l] == "status/validator-" {
-							elem = elem[l:]
-						} else {
-							break
-						}
-
-						if len(elem) == 0 {
-							break
-						}
-						switch elem[0] {
-						case 'f': // Prefix: "failed"
-
-							if l := len("failed"); len(elem) >= l && elem[0:l] == "failed" {
-								elem = elem[l:]
-							} else {
-								break
-							}
-
-							if len(elem) == 0 {
-								// Leaf node.
-								switch method {
-								case "POST":
-									r.name = ActionSubmissionAcceptedOperation
-									r.summary = "(Internal endpoint) Role Validator changes status from Validating -> Accepted"
-									r.operationID = "actionSubmissionAccepted"
-									r.pathPattern = "/submissions/{SubmissionID}/status/validator-failed"
-									r.args = args
-									r.count = 1
-									return r, true
-								default:
-									return
-								}
-							}
-
-						case 'u': // Prefix: "uploaded"
-
-							if l := len("uploaded"); len(elem) >= l && elem[0:l] == "uploaded" {
-								elem = elem[l:]
-							} else {
-								break
-							}
-
-							if len(elem) == 0 {
-								// Leaf node.
-								switch method {
-								case "POST":
-									r.name = ActionSubmissionUploadedOperation
-									r.summary = "(Internal endpoint) Role Validator changes status from Uploading -> Uploaded"
-									r.operationID = "actionSubmissionUploaded"
-									r.pathPattern = "/submissions/{SubmissionID}/status/validator-uploaded"
-									r.args = args
-									r.count = 1
-									return r, true
-								default:
-									return
-								}
-							}
-
-						case 'v': // Prefix: "validated"
-
-							if l := len("validated"); len(elem) >= l && elem[0:l] == "validated" {
-								elem = elem[l:]
-							} else {
-								break
-							}
-
-							if len(elem) == 0 {
-								// Leaf node.
-								switch method {
-								case "POST":
-									r.name = ActionSubmissionValidatedOperation
-									r.summary = "(Internal endpoint) Role Validator changes status from Validating -> Validated"
-									r.operationID = "actionSubmissionValidated"
-									r.pathPattern = "/submissions/{SubmissionID}/status/validator-validated"
-									r.args = args
-									r.count = 1
-									return r, true
-								default:
-									return
-								}
-							}
-
-						}
-
-					case 'v': // Prefix: "validated-model"
-
-						if l := len("validated-model"); len(elem) >= l && elem[0:l] == "validated-model" {
-							elem = elem[l:]
-						} else {
-							break
-						}
-
-						if len(elem) == 0 {
-							// Leaf node.
-							switch method {
-							case "POST":
-								r.name = UpdateSubmissionValidatedModelOperation
-								r.summary = "Update validated model"
-								r.operationID = "updateSubmissionValidatedModel"
-								r.pathPattern = "/submissions/{SubmissionID}/validated-model"
-								r.args = args
-								r.count = 1
-								return r, true
-							default:
-								return
-							}
-						}
-
-					}
-
-				}
-
-			}
-
-		}
-	}
-	return r, false
-}
--- a/pkg/internal/oas_schemas_gen.go
+++ b/pkg/internal/oas_schemas_gen.go
@@ -1,432 +0,0 @@
-// Code generated by ogen, DO NOT EDIT.
-
-package api
-
-import (
-	"fmt"
-)
-
-func (s *ErrorStatusCode) Error() string {
-	return fmt.Sprintf("code %d: %+v", s.StatusCode, s.Response)
-}
-
-// ActionSubmissionAcceptedNoContent is response for ActionSubmissionAccepted operation.
-type ActionSubmissionAcceptedNoContent struct{}
-
-// ActionSubmissionUploadedNoContent is response for ActionSubmissionUploaded operation.
-type ActionSubmissionUploadedNoContent struct{}
-
-// ActionSubmissionValidatedNoContent is response for ActionSubmissionValidated operation.
-type ActionSubmissionValidatedNoContent struct{}
-
-// Represents error object.
-// Ref: #/components/schemas/Error
-type Error struct {
-	Code    int64  `json:"code"`
-	Message string `json:"message"`
-}
-
-// GetCode returns the value of Code.
-func (s *Error) GetCode() int64 {
-	return s.Code
-}
-
-// GetMessage returns the value of Message.
-func (s *Error) GetMessage() string {
-	return s.Message
-}
-
-// SetCode sets the value of Code.
-func (s *Error) SetCode(val int64) {
-	s.Code = val
-}
-
-// SetMessage sets the value of Message.
-func (s *Error) SetMessage(val string) {
-	s.Message = val
-}
-
-// ErrorStatusCode wraps Error with StatusCode.
-type ErrorStatusCode struct {
-	StatusCode int
-	Response   Error
-}
-
-// GetStatusCode returns the value of StatusCode.
-func (s *ErrorStatusCode) GetStatusCode() int {
-	return s.StatusCode
-}
-
-// GetResponse returns the value of Response.
-func (s *ErrorStatusCode) GetResponse() Error {
-	return s.Response
-}
-
-// SetStatusCode sets the value of StatusCode.
-func (s *ErrorStatusCode) SetStatusCode(val int) {
-	s.StatusCode = val
-}
-
-// SetResponse sets the value of Response.
-func (s *ErrorStatusCode) SetResponse(val Error) {
-	s.Response = val
-}
-
-// Ref: #/components/schemas/Id
-type ID struct {
-	ID int64 `json:"ID"`
-}
-
-// GetID returns the value of ID.
-func (s *ID) GetID() int64 {
-	return s.ID
-}
-
-// SetID sets the value of ID.
-func (s *ID) SetID(val int64) {
-	s.ID = val
-}
-
-// NewOptInt32 returns new OptInt32 with value set to v.
-func NewOptInt32(v int32) OptInt32 {
-	return OptInt32{
-		Value: v,
-		Set:   true,
-	}
-}
-
-// OptInt32 is optional int32.
-type OptInt32 struct {
-	Value int32
-	Set   bool
-}
-
-// IsSet returns true if OptInt32 was set.
-func (o OptInt32) IsSet() bool { return o.Set }
-
-// Reset unsets value.
-func (o *OptInt32) Reset() {
-	var v int32
-	o.Value = v
-	o.Set = false
-}
-
-// SetTo sets value to v.
-func (o *OptInt32) SetTo(v int32) {
-	o.Set = true
-	o.Value = v
-}
-
-// Get returns value and boolean that denotes whether value was set.
-func (o OptInt32) Get() (v int32, ok bool) {
-	if !o.Set {
-		return v, false
-	}
-	return o.Value, true
-}
-
-// Or returns value if set, or given parameter if does not.
-func (o OptInt32) Or(d int32) int32 {
-	if v, ok := o.Get(); ok {
-		return v
-	}
-	return d
-}
-
-// NewOptInt64 returns new OptInt64 with value set to v.
-func NewOptInt64(v int64) OptInt64 {
-	return OptInt64{
-		Value: v,
-		Set:   true,
-	}
-}
-
-// OptInt64 is optional int64.
-type OptInt64 struct {
-	Value int64
-	Set   bool
-}
-
-// IsSet returns true if OptInt64 was set.
-func (o OptInt64) IsSet() bool { return o.Set }
-
-// Reset unsets value.
-func (o *OptInt64) Reset() {
-	var v int64
-	o.Value = v
-	o.Set = false
-}
-
-// SetTo sets value to v.
-func (o *OptInt64) SetTo(v int64) {
-	o.Set = true
-	o.Value = v
-}
-
-// Get returns value and boolean that denotes whether value was set.
-func (o OptInt64) Get() (v int64, ok bool) {
-	if !o.Set {
-		return v, false
-	}
-	return o.Value, true
-}
-
-// Or returns value if set, or given parameter if does not.
-func (o OptInt64) Or(d int64) int64 {
-	if v, ok := o.Get(); ok {
-		return v
-	}
-	return d
-}
-
-// NewOptString returns new OptString with value set to v.
-func NewOptString(v string) OptString {
-	return OptString{
-		Value: v,
-		Set:   true,
-	}
-}
-
-// OptString is optional string.
-type OptString struct {
-	Value string
-	Set   bool
-}
-
-// IsSet returns true if OptString was set.
-func (o OptString) IsSet() bool { return o.Set }
-
-// Reset unsets value.
-func (o *OptString) Reset() {
-	var v string
-	o.Value = v
-	o.Set = false
-}
-
-// SetTo sets value to v.
-func (o *OptString) SetTo(v string) {
-	o.Set = true
-	o.Value = v
-}
-
-// Get returns value and boolean that denotes whether value was set.
-func (o OptString) Get() (v string, ok bool) {
-	if !o.Set {
-		return v, false
-	}
-	return o.Value, true
-}
-
-// Or returns value if set, or given parameter if does not.
-func (o OptString) Or(d string) string {
-	if v, ok := o.Get(); ok {
-		return v
-	}
-	return d
-}
-
-// Ref: #/components/schemas/Script
-type Script struct {
-	ID           int64  `json:"ID"`
-	Name         string `json:"Name"`
-	Hash         string `json:"Hash"`
-	Source       string `json:"Source"`
-	ResourceType int32  `json:"ResourceType"`
-	ResourceID   int64  `json:"ResourceID"`
-}
-
-// GetID returns the value of ID.
-func (s *Script) GetID() int64 {
-	return s.ID
-}
-
-// GetName returns the value of Name.
-func (s *Script) GetName() string {
-	return s.Name
-}
-
-// GetHash returns the value of Hash.
-func (s *Script) GetHash() string {
-	return s.Hash
-}
-
-// GetSource returns the value of Source.
-func (s *Script) GetSource() string {
-	return s.Source
-}
-
-// GetResourceType returns the value of ResourceType.
-func (s *Script) GetResourceType() int32 {
-	return s.ResourceType
-}
-
-// GetResourceID returns the value of ResourceID.
-func (s *Script) GetResourceID() int64 {
-	return s.ResourceID
-}
-
-// SetID sets the value of ID.
-func (s *Script) SetID(val int64) {
-	s.ID = val
-}
-
-// SetName sets the value of Name.
-func (s *Script) SetName(val string) {
-	s.Name = val
-}
-
-// SetHash sets the value of Hash.
-func (s *Script) SetHash(val string) {
-	s.Hash = val
-}
-
-// SetSource sets the value of Source.
-func (s *Script) SetSource(val string) {
-	s.Source = val
-}
-
-// SetResourceType sets the value of ResourceType.
-func (s *Script) SetResourceType(val int32) {
-	s.ResourceType = val
-}
-
-// SetResourceID sets the value of ResourceID.
-func (s *Script) SetResourceID(val int64) {
-	s.ResourceID = val
-}
-
-// Ref: #/components/schemas/ScriptCreate
-type ScriptCreate struct {
-	Name         string   `json:"Name"`
-	Source       string   `json:"Source"`
-	ResourceType int32    `json:"ResourceType"`
-	ResourceID   OptInt64 `json:"ResourceID"`
-}
-
-// GetName returns the value of Name.
-func (s *ScriptCreate) GetName() string {
-	return s.Name
-}
-
-// GetSource returns the value of Source.
-func (s *ScriptCreate) GetSource() string {
-	return s.Source
-}
-
-// GetResourceType returns the value of ResourceType.
-func (s *ScriptCreate) GetResourceType() int32 {
-	return s.ResourceType
-}
-
-// GetResourceID returns the value of ResourceID.
-func (s *ScriptCreate) GetResourceID() OptInt64 {
-	return s.ResourceID
-}
-
-// SetName sets the value of Name.
-func (s *ScriptCreate) SetName(val string) {
-	s.Name = val
-}
-
-// SetSource sets the value of Source.
-func (s *ScriptCreate) SetSource(val string) {
-	s.Source = val
-}
-
-// SetResourceType sets the value of ResourceType.
-func (s *ScriptCreate) SetResourceType(val int32) {
-	s.ResourceType = val
-}
-
-// SetResourceID sets the value of ResourceID.
-func (s *ScriptCreate) SetResourceID(val OptInt64) {
-	s.ResourceID = val
-}
-
-// Ref: #/components/schemas/ScriptPolicy
-type ScriptPolicy struct {
-	ID             int64  `json:"ID"`
-	FromScriptHash string `json:"FromScriptHash"`
-	ToScriptID     int64  `json:"ToScriptID"`
-	Policy         int32  `json:"Policy"`
-}
-
-// GetID returns the value of ID.
-func (s *ScriptPolicy) GetID() int64 {
-	return s.ID
-}
-
-// GetFromScriptHash returns the value of FromScriptHash.
-func (s *ScriptPolicy) GetFromScriptHash() string {
-	return s.FromScriptHash
-}
-
-// GetToScriptID returns the value of ToScriptID.
-func (s *ScriptPolicy) GetToScriptID() int64 {
-	return s.ToScriptID
-}
-
-// GetPolicy returns the value of Policy.
-func (s *ScriptPolicy) GetPolicy() int32 {
-	return s.Policy
-}
-
-// SetID sets the value of ID.
-func (s *ScriptPolicy) SetID(val int64) {
-	s.ID = val
-}
-
-// SetFromScriptHash sets the value of FromScriptHash.
-func (s *ScriptPolicy) SetFromScriptHash(val string) {
-	s.FromScriptHash = val
-}
-
-// SetToScriptID sets the value of ToScriptID.
-func (s *ScriptPolicy) SetToScriptID(val int64) {
-	s.ToScriptID = val
-}
-
-// SetPolicy sets the value of Policy.
-func (s *ScriptPolicy) SetPolicy(val int32) {
-	s.Policy = val
-}
-
-// Ref: #/components/schemas/ScriptPolicyCreate
-type ScriptPolicyCreate struct {
-	FromScriptID int64 `json:"FromScriptID"`
-	ToScriptID   int64 `json:"ToScriptID"`
-	Policy       int32 `json:"Policy"`
-}
-
-// GetFromScriptID returns the value of FromScriptID.
-func (s *ScriptPolicyCreate) GetFromScriptID() int64 {
-	return s.FromScriptID
-}
-
-// GetToScriptID returns the value of ToScriptID.
-func (s *ScriptPolicyCreate) GetToScriptID() int64 {
-	return s.ToScriptID
-}
-
-// GetPolicy returns the value of Policy.
-func (s *ScriptPolicyCreate) GetPolicy() int32 {
-	return s.Policy
-}
-
-// SetFromScriptID sets the value of FromScriptID.
-func (s *ScriptPolicyCreate) SetFromScriptID(val int64) {
-	s.FromScriptID = val
-}
-
-// SetToScriptID sets the value of ToScriptID.
-func (s *ScriptPolicyCreate) SetToScriptID(val int64) {
-	s.ToScriptID = val
-}
-
-// SetPolicy sets the value of Policy.
-func (s *ScriptPolicyCreate) SetPolicy(val int32) {
-	s.Policy = val
-}
-
-// UpdateSubmissionValidatedModelNoContent is response for UpdateSubmissionValidatedModel operation.
-type UpdateSubmissionValidatedModelNoContent struct{}
--- a/pkg/internal/oas_server_gen.go
+++ b/pkg/internal/oas_server_gen.go
@@ -1,88 +0,0 @@
-// Code generated by ogen, DO NOT EDIT.
-
-package api
-
-import (
-	"context"
-)
-
-// Handler handles operations described by OpenAPI v3 specification.
-type Handler interface {
-	// ActionSubmissionAccepted implements actionSubmissionAccepted operation.
-	//
-	// (Internal endpoint) Role Validator changes status from Validating -> Accepted.
-	//
-	// POST /submissions/{SubmissionID}/status/validator-failed
-	ActionSubmissionAccepted(ctx context.Context, params ActionSubmissionAcceptedParams) error
-	// ActionSubmissionUploaded implements actionSubmissionUploaded operation.
-	//
-	// (Internal endpoint) Role Validator changes status from Uploading -> Uploaded.
-	//
-	// POST /submissions/{SubmissionID}/status/validator-uploaded
-	ActionSubmissionUploaded(ctx context.Context, params ActionSubmissionUploadedParams) error
-	// ActionSubmissionValidated implements actionSubmissionValidated operation.
-	//
-	// (Internal endpoint) Role Validator changes status from Validating -> Validated.
-	//
-	// POST /submissions/{SubmissionID}/status/validator-validated
-	ActionSubmissionValidated(ctx context.Context, params ActionSubmissionValidatedParams) error
-	// CreateScript implements createScript operation.
-	//
-	// Create a new script.
-	//
-	// POST /scripts
-	CreateScript(ctx context.Context, req *ScriptCreate) (*ID, error)
-	// CreateScriptPolicy implements createScriptPolicy operation.
-	//
-	// Create a new script policy.
-	//
-	// POST /script-policy
-	CreateScriptPolicy(ctx context.Context, req *ScriptPolicyCreate) (*ID, error)
-	// GetScript implements getScript operation.
-	//
-	// Get the specified script by ID.
-	//
-	// GET /scripts/{ScriptID}
-	GetScript(ctx context.Context, params GetScriptParams) (*Script, error)
-	// ListScriptPolicy implements listScriptPolicy operation.
-	//
-	// Get list of script policies.
-	//
-	// GET /script-policy
-	ListScriptPolicy(ctx context.Context, params ListScriptPolicyParams) ([]ScriptPolicy, error)
-	// ListScripts implements listScripts operation.
-	//
-	// Get list of scripts.
-	//
-	// GET /scripts
-	ListScripts(ctx context.Context, params ListScriptsParams) ([]Script, error)
-	// UpdateSubmissionValidatedModel implements updateSubmissionValidatedModel operation.
-	//
-	// Update validated model.
-	//
-	// POST /submissions/{SubmissionID}/validated-model
-	UpdateSubmissionValidatedModel(ctx context.Context, params UpdateSubmissionValidatedModelParams) error
-	// NewError creates *ErrorStatusCode from error returned by handler.
-	//
-	// Used for common default response.
-	NewError(ctx context.Context, err error) *ErrorStatusCode
-}
-
-// Server implements http server based on OpenAPI v3 specification and
-// calls Handler to handle requests.
-type Server struct {
-	h Handler
-	baseServer
-}
-
-// NewServer creates new Server.
-func NewServer(h Handler, opts ...ServerOption) (*Server, error) {
-	s, err := newServerConfig(opts...).baseServer()
-	if err != nil {
-		return nil, err
-	}
-	return &Server{
-		h:          h,
-		baseServer: s,
-	}, nil
-}
--- a/pkg/internal/oas_unimplemented_gen.go
+++ b/pkg/internal/oas_unimplemented_gen.go
@@ -1,103 +0,0 @@
-// Code generated by ogen, DO NOT EDIT.
-
-package api
-
-import (
-	"context"
-
-	ht "github.com/ogen-go/ogen/http"
-)
-
-// UnimplementedHandler is no-op Handler which returns http.ErrNotImplemented.
-type UnimplementedHandler struct{}
-
-var _ Handler = UnimplementedHandler{}
-
-// ActionSubmissionAccepted implements actionSubmissionAccepted operation.
-//
-// (Internal endpoint) Role Validator changes status from Validating -> Accepted.
-//
-// POST /submissions/{SubmissionID}/status/validator-failed
-func (UnimplementedHandler) ActionSubmissionAccepted(ctx context.Context, params ActionSubmissionAcceptedParams) error {
-	return ht.ErrNotImplemented
-}
-
-// ActionSubmissionUploaded implements actionSubmissionUploaded operation.
-//
-// (Internal endpoint) Role Validator changes status from Uploading -> Uploaded.
-//
-// POST /submissions/{SubmissionID}/status/validator-uploaded
-func (UnimplementedHandler) ActionSubmissionUploaded(ctx context.Context, params ActionSubmissionUploadedParams) error {
-	return ht.ErrNotImplemented
-}
-
-// ActionSubmissionValidated implements actionSubmissionValidated operation.
-//
-// (Internal endpoint) Role Validator changes status from Validating -> Validated.
-//
-// POST /submissions/{SubmissionID}/status/validator-validated
-func (UnimplementedHandler) ActionSubmissionValidated(ctx context.Context, params ActionSubmissionValidatedParams) error {
-	return ht.ErrNotImplemented
-}
-
-// CreateScript implements createScript operation.
-//
-// Create a new script.
-//
-// POST /scripts
-func (UnimplementedHandler) CreateScript(ctx context.Context, req *ScriptCreate) (r *ID, _ error) {
-	return r, ht.ErrNotImplemented
-}
-
-// CreateScriptPolicy implements createScriptPolicy operation.
-//
-// Create a new script policy.
-//
-// POST /script-policy
-func (UnimplementedHandler) CreateScriptPolicy(ctx context.Context, req *ScriptPolicyCreate) (r *ID, _ error) {
-	return r, ht.ErrNotImplemented
-}
-
-// GetScript implements getScript operation.
-//
-// Get the specified script by ID.
-//
-// GET /scripts/{ScriptID}
-func (UnimplementedHandler) GetScript(ctx context.Context, params GetScriptParams) (r *Script, _ error) {
-	return r, ht.ErrNotImplemented
-}
-
-// ListScriptPolicy implements listScriptPolicy operation.
-//
-// Get list of script policies.
-//
-// GET /script-policy
-func (UnimplementedHandler) ListScriptPolicy(ctx context.Context, params ListScriptPolicyParams) (r []ScriptPolicy, _ error) {
-	return r, ht.ErrNotImplemented
-}
-
-// ListScripts implements listScripts operation.
-//
-// Get list of scripts.
-//
-// GET /scripts
-func (UnimplementedHandler) ListScripts(ctx context.Context, params ListScriptsParams) (r []Script, _ error) {
-	return r, ht.ErrNotImplemented
-}
-
-// UpdateSubmissionValidatedModel implements updateSubmissionValidatedModel operation.
-//
-// Update validated model.
-//
-// POST /submissions/{SubmissionID}/validated-model
-func (UnimplementedHandler) UpdateSubmissionValidatedModel(ctx context.Context, params UpdateSubmissionValidatedModelParams) error {
-	return ht.ErrNotImplemented
-}
-
-// NewError creates *ErrorStatusCode from error returned by handler.
-//
-// Used for common default response.
-func (UnimplementedHandler) NewError(ctx context.Context, err error) (r *ErrorStatusCode) {
-	r = new(ErrorStatusCode)
-	return r
-}
--- a/pkg/internal/oas_validators_gen.go
+++ b/pkg/internal/oas_validators_gen.go
@@ -1,159 +0,0 @@
-// Code generated by ogen, DO NOT EDIT.
-
-package api
-
-import (
-	"github.com/go-faster/errors"
-
-	"github.com/ogen-go/ogen/validate"
-)
-
-func (s *Script) Validate() error {
-	if s == nil {
-		return validate.ErrNilPointer
-	}
-
-	var failures []validate.FieldError
-	if err := func() error {
-		if err := (validate.String{
-			MinLength:    0,
-			MinLengthSet: false,
-			MaxLength:    128,
-			MaxLengthSet: true,
-			Email:        false,
-			Hostname:     false,
-			Regex:        nil,
-		}).Validate(string(s.Name)); err != nil {
-			return errors.Wrap(err, "string")
-		}
-		return nil
-	}(); err != nil {
-		failures = append(failures, validate.FieldError{
-			Name:  "Name",
-			Error: err,
-		})
-	}
-	if err := func() error {
-		if err := (validate.String{
-			MinLength:    16,
-			MinLengthSet: true,
-			MaxLength:    16,
-			MaxLengthSet: true,
-			Email:        false,
-			Hostname:     false,
-			Regex:        nil,
-		}).Validate(string(s.Hash)); err != nil {
-			return errors.Wrap(err, "string")
-		}
-		return nil
-	}(); err != nil {
-		failures = append(failures, validate.FieldError{
-			Name:  "Hash",
-			Error: err,
-		})
-	}
-	if err := func() error {
-		if err := (validate.String{
-			MinLength:    0,
-			MinLengthSet: false,
-			MaxLength:    1048576,
-			MaxLengthSet: true,
-			Email:        false,
-			Hostname:     false,
-			Regex:        nil,
-		}).Validate(string(s.Source)); err != nil {
-			return errors.Wrap(err, "string")
-		}
-		return nil
-	}(); err != nil {
-		failures = append(failures, validate.FieldError{
-			Name:  "Source",
-			Error: err,
-		})
-	}
-	if len(failures) > 0 {
-		return &validate.Error{Fields: failures}
-	}
-	return nil
-}
-
-func (s *ScriptCreate) Validate() error {
-	if s == nil {
-		return validate.ErrNilPointer
-	}
-
-	var failures []validate.FieldError
-	if err := func() error {
-		if err := (validate.String{
-			MinLength:    0,
-			MinLengthSet: false,
-			MaxLength:    128,
-			MaxLengthSet: true,
-			Email:        false,
-			Hostname:     false,
-			Regex:        nil,
-		}).Validate(string(s.Name)); err != nil {
-			return errors.Wrap(err, "string")
-		}
-		return nil
-	}(); err != nil {
-		failures = append(failures, validate.FieldError{
-			Name:  "Name",
-			Error: err,
-		})
-	}
-	if err := func() error {
-		if err := (validate.String{
-			MinLength:    0,
-			MinLengthSet: false,
-			MaxLength:    1048576,
-			MaxLengthSet: true,
-			Email:        false,
-			Hostname:     false,
-			Regex:        nil,
-		}).Validate(string(s.Source)); err != nil {
-			return errors.Wrap(err, "string")
-		}
-		return nil
-	}(); err != nil {
-		failures = append(failures, validate.FieldError{
-			Name:  "Source",
-			Error: err,
-		})
-	}
-	if len(failures) > 0 {
-		return &validate.Error{Fields: failures}
-	}
-	return nil
-}
-
-func (s *ScriptPolicy) Validate() error {
-	if s == nil {
-		return validate.ErrNilPointer
-	}
-
-	var failures []validate.FieldError
-	if err := func() error {
-		if err := (validate.String{
-			MinLength:    16,
-			MinLengthSet: true,
-			MaxLength:    16,
-			MaxLengthSet: true,
-			Email:        false,
-			Hostname:     false,
-			Regex:        nil,
-		}).Validate(string(s.FromScriptHash)); err != nil {
-			return errors.Wrap(err, "string")
-		}
-		return nil
-	}(); err != nil {
-		failures = append(failures, validate.FieldError{
-			Name:  "FromScriptHash",
-			Error: err,
-		})
-	}
-	if len(failures) > 0 {
-		return &validate.Error{Fields: failures}
-	}
-	return nil
-}
--- a/pkg/model/nats.go
+++ b/pkg/model/nats.go
@@ -8,22 +8,25 @@ package model
 type ValidateRequest struct {
 	// submission_id is passed back in the response message
 	SubmissionID     int64
-	ModelID          int64
-	ModelVersion     int64
-	ValidatedModelID *int64 // optional value
+	ModelID          uint64
+	ModelVersion     uint64
+	ValidatedModelID uint64 // optional value
 }

 // Create a new map
-type UploadNewRequest struct {
+type PublishNewRequest struct {
 	SubmissionID int64
-	ModelID      int64
-	ModelVersion int64
-	ModelName    string
+	ModelID      uint64
+	ModelVersion uint64
+	Creator      string
+	DisplayName  string
+	GameID       uint32
+	//games HashSet<GameID>
 }

-type UploadFixRequest struct {
+type PublishFixRequest struct {
 	SubmissionID  int64
-	ModelID       int64
-	ModelVersion  int64
-	TargetAssetID int64
+	ModelID       uint64
+	ModelVersion  uint64
+	TargetAssetID uint64
 }
--- a/pkg/model/policy.go
+++ b/pkg/model/policy.go
@@ -5,11 +5,10 @@ import "time"
 type Policy int32

 const (
-	ScriptPolicyNone    Policy = 0 // not yet reviewed
-	ScriptPolicyAllowed Policy = 1
-	ScriptPolicyBlocked Policy = 2
-	ScriptPolicyDelete  Policy = 3
-	ScriptPolicyReplace Policy = 4
+	ScriptPolicyAllowed Policy = 0
+	ScriptPolicyBlocked Policy = 1
+	ScriptPolicyDelete  Policy = 2
+	ScriptPolicyReplace Policy = 3
 )

 type ScriptPolicy struct {
@@ -17,7 +16,7 @@ type ScriptPolicy struct {
 	// Hash of the source code that leads to this policy.
 	// If this is a replacement mapping, the original source may not be pointed to by any policy.
 	// The original source should still exist in the scripts table, which can be located by the same hash.
-	FromScriptHash int64 // postgres does not support unsigned integers, so we have to pretend
+	FromScriptHash uint64
 	// The ID of the replacement source (ScriptPolicyReplace)
 	// or verbatim source (ScriptPolicyAllowed)
 	// or 0 (other)
--- a/pkg/model/script.go
+++ b/pkg/model/script.go
@@ -1,42 +1,12 @@
 package model

-import (
-	"fmt"
-	"strconv"
-	"time"
-
-	"github.com/dchest/siphash"
-)
-
-// compute the hash of a source code string
-func HashSource(source string) uint64{
-	return siphash.Hash(0, 0, []byte(source))
-}
-
-// format a hash value as a hexidecimal string
-func HashFormat(hash uint64) string{
-	return fmt.Sprintf("%016x", hash)
-}
-
-// parse a hexidecimal hash string
-func HashParse(hash string) (uint64, error){
-	return strconv.ParseUint(hash, 16, 64)
-}
-
-type ResourceType int32
-const (
-	ResourceUnknown    ResourceType = 0
-	ResourceMapfix     ResourceType = 1
-	ResourceSubmission ResourceType = 2
-)
+import "time"

 type Script struct {
 	ID           int64 `gorm:"primaryKey"`
-	Name         string
-	Hash         int64 // postgres does not support unsigned integers, so we have to pretend
+	Hash         uint64
 	Source       string
-	ResourceType ResourceType // is this a submission or is it a mapfix
-	ResourceID   int64 // which submission / mapfix did this script first appear in
+	SubmissionID int64 // which submission did this script first appear in
 	CreatedAt    time.Time
 	UpdatedAt    time.Time
 }
--- a/pkg/model/submission.go
+++ b/pkg/model/submission.go
@@ -2,24 +2,20 @@ package model

 import "time"

-type SubmissionStatus int32
+type Status int32

 const (
-	// Phase: Final SubmissionStatus
-	SubmissionStatusReleased  SubmissionStatus = 9
-	SubmissionStatusRejected  SubmissionStatus = 8
+	StatusPublished Status = 8
+	StatusRejected  Status = 7

-	// Phase: Testing
-	SubmissionStatusUploaded   SubmissionStatus = 7 // uploaded to the group, but pending release
-	SubmissionStatusUploading  SubmissionStatus = 6
-	SubmissionStatusValidated  SubmissionStatus = 5
-	SubmissionStatusValidating SubmissionStatus = 4
-	SubmissionStatusAccepted   SubmissionStatus = 3 // pending script review, can re-trigger validation
+	StatusPublishing Status = 6
+	StatusValidated  Status = 5
+	StatusValidating Status = 4
+	StatusAccepted   Status = 3

-	// Phase: Creation
-	SubmissionStatusChangesRequested  SubmissionStatus = 2
-	SubmissionStatusSubmitted         SubmissionStatus = 1
-	SubmissionStatusUnderConstruction SubmissionStatus = 0
+	StatusChangesRequested  Status = 2
+	StatusSubmitted         Status = 1
+	StatusUnderConstruction Status = 0
 )

 type Submission struct {
@@ -29,13 +25,10 @@ type Submission struct {
 	GameID        int32
 	CreatedAt     time.Time
 	UpdatedAt     time.Time
-	Submitter     int64 // UserID
-	AssetID       int64
-	AssetVersion  int64
-	ValidatedAssetID       int64
-	ValidatedAssetVersion  int64
+	Submitter     uint64 // UserID
+	AssetID       uint64
+	AssetVersion  uint64
 	Completed     bool   // Has this version of the map been completed at least once on maptest
-	UploadedAssetID        int64 // where to upload map fix.  if the TargetAssetID is 0, it's a new map.
-	StatusID      SubmissionStatus
-	StatusMessage string
+	TargetAssetID uint64 // where to upload map fix.  if the TargetAssetID is 0, it's a new map.
+	StatusID      Status
 }
--- a/pkg/service/script_policy.go
+++ b/pkg/service/script_policy.go
@@ -2,6 +2,8 @@ package service

 import (
 	"context"
+	"fmt"
+	"strconv"

 	"git.itzana.me/strafesnet/maps-service/pkg/api"
 	"git.itzana.me/strafesnet/maps-service/pkg/datastore"
@@ -14,16 +16,12 @@ import (
 //
 // POST /script-policy
 func (svc *Service) CreateScriptPolicy(ctx context.Context, req *api.ScriptPolicyCreate) (*api.ID, error) {
-	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
+	userInfo, ok := ctx.Value("UserInfo").(UserInfo)
 	if !ok {
 		return nil, ErrUserInfo
 	}

-	has_role, err := userInfo.HasRoleScriptWrite()
-	if err != nil {
-		return nil, err
-	}
-	if !has_role {
+	if !userInfo.Roles.ScriptWrite {
 		return nil, ErrPermissionDenied
 	}

@@ -49,66 +47,18 @@ func (svc *Service) CreateScriptPolicy(ctx context.Context, req *api.ScriptPolic
 	}, nil
 }

-
-// ListScriptPolicy implements listScriptPolicy operation.
-//
-// Get list of script policies.
-//
-// GET /script-policy
-func (svc *Service) ListScriptPolicy(ctx context.Context, params api.ListScriptPolicyParams) ([]api.ScriptPolicy, error) {
-	filter := datastore.Optional()
-
-	if params.FromScriptHash.IsSet(){
-		hash, err := model.HashParse(params.FromScriptHash.Value)
-		if err != nil {
-			return nil, err
-		}
-		filter.AddNotNil("from_script_hash", int64(hash)) // No type safety!
-	}
-	if params.ToScriptID.IsSet(){
-		filter.AddNotNil("to_script_id", params.ToScriptID.Value)
-	}
-	if params.Policy.IsSet(){
-		filter.AddNotNil("policy", params.Policy.Value)
-	}
-
-	items, err := svc.DB.ScriptPolicy().List(ctx, filter, model.Page{
-		Number: params.Page,
-		Size:   params.Limit,
-	})
-	if err != nil {
-		return nil, err
-	}
-
-	var resp []api.ScriptPolicy
-	for _, item := range items {
-		resp = append(resp, api.ScriptPolicy{
-			ID:             item.ID,
-			FromScriptHash: model.HashFormat(uint64(item.FromScriptHash)),
-			ToScriptID:     item.ToScriptID,
-			Policy:         int32(item.Policy),
-		})
-	}
-
-	return resp, nil
-}
-
 // DeleteScriptPolicy implements deleteScriptPolicy operation.
 //
 // Delete the specified script policy by ID.
 //
-// DELETE /script-policy/{ScriptPolicyID}
+// DELETE /script-policy/id/{ScriptPolicyID}
 func (svc *Service) DeleteScriptPolicy(ctx context.Context, params api.DeleteScriptPolicyParams) error {
-	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
+	userInfo, ok := ctx.Value("UserInfo").(UserInfo)
 	if !ok {
 		return ErrUserInfo
 	}

-	has_role, err := userInfo.HasRoleScriptWrite()
-	if err != nil {
-		return err
-	}
-	if !has_role {
+	if !userInfo.Roles.ScriptWrite {
 		return ErrPermissionDenied
 	}

@@ -119,9 +69,9 @@ func (svc *Service) DeleteScriptPolicy(ctx context.Context, params api.DeleteScr
 //
 // Get the specified script policy by ID.
 //
-// GET /script-policy/{ScriptPolicyID}
+// GET /script-policy/id/{ScriptPolicyID}
 func (svc *Service) GetScriptPolicy(ctx context.Context, params api.GetScriptPolicyParams) (*api.ScriptPolicy, error) {
-	_, ok := ctx.Value("UserInfo").(UserInfoHandle)
+	_, ok := ctx.Value("UserInfo").(UserInfo)
 	if !ok {
 		return nil, ErrUserInfo
 	}
@@ -135,7 +85,39 @@ func (svc *Service) GetScriptPolicy(ctx context.Context, params api.GetScriptPol

 	return &api.ScriptPolicy{
 		ID:             policy.ID,
-		FromScriptHash: model.HashFormat(uint64(policy.FromScriptHash)),
+		FromScriptHash: fmt.Sprintf("%x", policy.FromScriptHash),
+		ToScriptID:     policy.ToScriptID,
+		Policy:         int32(policy.Policy),
+	}, nil
+}
+
+// GetScriptPolicyFromHash implements getScriptPolicyFromHash operation.
+//
+// Get the policy for the given hash of script source code.
+//
+// GET /script-policy/hash/{FromScriptHash}
+func (svc *Service) GetScriptPolicyFromHash(ctx context.Context, params api.GetScriptPolicyFromHashParams) (*api.ScriptPolicy, error) {
+	_, ok := ctx.Value("UserInfo").(UserInfo)
+	if !ok {
+		return nil, ErrUserInfo
+	}
+
+	// Read permission for script policy only requires you to be logged in
+
+	// parse hash from hex
+	hash, err := strconv.ParseUint(params.FromScriptHash, 16, 64)
+	if err != nil {
+		return nil, err
+	}
+
+	policy, err := svc.DB.ScriptPolicy().GetFromHash(ctx, hash)
+	if err != nil {
+		return nil, err
+	}
+
+	return &api.ScriptPolicy{
+		ID:             policy.ID,
+		FromScriptHash: fmt.Sprintf("%x", policy.FromScriptHash),
 		ToScriptID:     policy.ToScriptID,
 		Policy:         int32(policy.Policy),
 	}, nil
@@ -145,18 +127,14 @@ func (svc *Service) GetScriptPolicy(ctx context.Context, params api.GetScriptPol
 //
 // Update the specified script policy by ID.
 //
-// POST /script-policy/{ScriptPolicyID}
+// PATCH /script-policy/id/{ScriptPolicyID}
 func (svc *Service) UpdateScriptPolicy(ctx context.Context, req *api.ScriptPolicyUpdate, params api.UpdateScriptPolicyParams) error {
-	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
+	userInfo, ok := ctx.Value("UserInfo").(UserInfo)
 	if !ok {
 		return ErrUserInfo
 	}

-	has_role, err := userInfo.HasRoleScriptWrite()
-	if err != nil {
-		return err
-	}
-	if !has_role {
+	if !userInfo.Roles.ScriptWrite {
 		return ErrPermissionDenied
 	}

--- a/pkg/service/scripts.go
+++ b/pkg/service/scripts.go
@@ -2,10 +2,12 @@ package service

 import (
 	"context"
+	"fmt"

 	"git.itzana.me/strafesnet/maps-service/pkg/api"
 	"git.itzana.me/strafesnet/maps-service/pkg/datastore"
 	"git.itzana.me/strafesnet/maps-service/pkg/model"
+	"github.com/dchest/siphash"
 )

 // CreateScript implements createScript operation.
@@ -14,26 +16,20 @@ import (
 //
 // POST /scripts
 func (svc *Service) CreateScript(ctx context.Context, req *api.ScriptCreate) (*api.ID, error) {
-	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
+	userInfo, ok := ctx.Value("UserInfo").(UserInfo)
 	if !ok {
 		return nil, ErrUserInfo
 	}

-	has_role, err := userInfo.HasRoleScriptWrite()
-	if err != nil {
-		return nil, err
-	}
-	if !has_role {
+	if !userInfo.Roles.ScriptWrite {
 		return nil, ErrPermissionDenied
 	}

 	script, err := svc.DB.Scripts().Create(ctx, model.Script{
 		ID:           0,
-		Name:         req.Name,
-		Hash:         int64(model.HashSource(req.Source)),
+		Hash:         siphash.Hash(0, 0, []byte(req.Source)),
 		Source:       req.Source,
-		ResourceType: model.ResourceType(req.ResourceType),
-		ResourceID:   req.ResourceID.Or(0),
+		SubmissionID: req.SubmissionID.Or(0),
 	})
 	if err != nil {
 		return nil, err
@@ -44,69 +40,18 @@ func (svc *Service) CreateScript(ctx context.Context, req *api.ScriptCreate) (*a
 	}, nil
 }

-// ListScripts implements listScripts operation.
-//
-// Get list of scripts.
-//
-// GET /scripts
-func (svc *Service) ListScripts(ctx context.Context, params api.ListScriptsParams) ([]api.Script, error) {
-	filter := datastore.Optional()
-
-	if params.Hash.IsSet(){
-		hash, err := model.HashParse(params.Hash.Value)
-		if err != nil {
-			return nil, err
-		}
-		filter.AddNotNil("hash", int64(hash)) // No type safety!
-	}
-	if params.Name.IsSet(){
-		filter.AddNotNil("name", params.Name.Value)
-	}
-	if params.Source.IsSet(){
-		filter.AddNotNil("source", params.Source.Value)
-	}
-	if params.SubmissionID.IsSet(){
-		filter.AddNotNil("submission_id", params.SubmissionID.Value)
-	}
-
-	items, err := svc.DB.Scripts().List(ctx, filter, model.Page{
-		Number: params.Page,
-		Size:   params.Limit,
-	})
-	if err != nil {
-		return nil, err
-	}
-
-	var resp []api.Script
-	for _, item := range items {
-		resp = append(resp, api.Script{
-			ID:           item.ID,
-			Hash:         model.HashFormat(uint64(item.Hash)),
-			Source:       item.Source,
-			ResourceType: int32(item.ResourceType),
-			ResourceID:   item.ResourceID,
-		})
-	}
-
-	return resp, nil
-}
-
 // DeleteScript implements deleteScript operation.
 //
 // Delete the specified script by ID.
 //
 // DELETE /scripts/{ScriptID}
 func (svc *Service) DeleteScript(ctx context.Context, params api.DeleteScriptParams) error {
-	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
+	userInfo, ok := ctx.Value("UserInfo").(UserInfo)
 	if !ok {
 		return ErrUserInfo
 	}

-	has_role, err := userInfo.HasRoleScriptWrite()
-	if err != nil {
-		return err
-	}
-	if !has_role {
+	if !userInfo.Roles.ScriptWrite {
 		return ErrPermissionDenied
 	}

@@ -119,7 +64,7 @@ func (svc *Service) DeleteScript(ctx context.Context, params api.DeleteScriptPar
 //
 // GET /scripts/{ScriptID}
 func (svc *Service) GetScript(ctx context.Context, params api.GetScriptParams) (*api.Script, error) {
-	_, ok := ctx.Value("UserInfo").(UserInfoHandle)
+	_, ok := ctx.Value("UserInfo").(UserInfo)
 	if !ok {
 		return nil, ErrUserInfo
 	}
@@ -133,11 +78,9 @@ func (svc *Service) GetScript(ctx context.Context, params api.GetScriptParams) (

 	return &api.Script{
 		ID:           script.ID,
-		Name:         script.Name,
-		Hash:         model.HashFormat(uint64(script.Hash)),
+		Hash:         fmt.Sprintf("%x", script.Hash),
 		Source:       script.Source,
-		ResourceType: int32(script.ResourceType),
-		ResourceID:   script.ResourceID,
+		SubmissionID: script.SubmissionID,
 	}, nil
 }

@@ -147,32 +90,22 @@ func (svc *Service) GetScript(ctx context.Context, params api.GetScriptParams) (
 //
 // PATCH /scripts/{ScriptID}
 func (svc *Service) UpdateScript(ctx context.Context, req *api.ScriptUpdate, params api.UpdateScriptParams) error {
-	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
+	userInfo, ok := ctx.Value("UserInfo").(UserInfo)
 	if !ok {
 		return ErrUserInfo
 	}

-	has_role, err := userInfo.HasRoleScriptWrite()
-	if err != nil {
-		return err
-	}
-	if !has_role {
+	if !userInfo.Roles.ScriptWrite {
 		return ErrPermissionDenied
 	}

 	pmap := datastore.Optional()
-	if Name, ok := req.Name.Get(); ok {
-		pmap.Add("name", Name)
-	}
 	if source, ok := req.Source.Get(); ok {
 		pmap.Add("source", source)
-		pmap.Add("hash", int64(model.HashSource(source))) // No type safety!
+		pmap.Add("hash", siphash.Hash(0, 0, []byte(source)))
 	}
-	if ResourceType, ok := req.ResourceType.Get(); ok {
-		pmap.Add("resource_type", ResourceType)
-	}
-	if ResourceID, ok := req.ResourceID.Get(); ok {
-		pmap.Add("resource_id", ResourceID)
+	if SubmissionID, ok := req.SubmissionID.Get(); ok {
+		pmap.Add("submission_id", SubmissionID)
 	}
 	return svc.DB.Scripts().Update(ctx, req.ID, pmap)
 }
--- a/pkg/service/security.go
+++ b/pkg/service/security.go
@@ -14,145 +14,30 @@ var (
 	ErrInvalidSession = errors.New("Session invalid")
 )

-// Submissions roles bitflag
-type Roles int32
 var (
-	RolesSubmissionRelease Roles = 1<<4
-	RolesScriptWrite Roles = 1<<3
-	RolesMapUpload Roles = 1<<2
-	RolesMapReview Roles = 1<<1
-	RolesMapDownload Roles = 1<<0
-	RolesEmpty Roles = 0
-)
-
-// StrafesNET group roles
-type GroupRole int32
-var (
-	// has ScriptWrite
-	RoleQuat GroupRole = 255
-	RoleItzaname GroupRole = 254
-	RoleStagingDeveloper GroupRole = 240
-	RolesAll Roles = RolesScriptWrite|RolesSubmissionRelease|RolesMapUpload|RolesMapReview|RolesMapDownload
-	// has SubmissionUpload
-	RoleMapAdmin GroupRole = 128
-	RolesMapAdmin Roles = RolesSubmissionRelease|RolesMapUpload|RolesMapReview|RolesMapDownload
+	// has SubmissionPublish
+	RoleMapAdmin int32 = 128
 	// has SubmissionReview
-	RoleMapCouncil GroupRole = 64
-	RolesMapCouncil Roles = RolesMapReview|RolesMapUpload|RolesMapDownload
-	// access to downloading maps
-	RoleMapAccess GroupRole = 32
-	RolesMapAccess Roles = RolesMapDownload
+	RoleMapCouncil int32 = 64
 )

-type UserInfoHandle struct {
-	// Would love to know a better way to do this
-	svc       *SecurityHandler
-	ctx       *context.Context
-	sessionId string
+type Roles struct {
+	// human roles
+	SubmissionPublish bool
+	SubmissionReview  bool
+	ScriptWrite       bool
+	// automated roles
+	Maptest   bool
+	Validator bool
 }
+
 type UserInfo struct {
-	UserID    uint64
-	Username  string
-	AvatarURL string
+	Roles  Roles
+	UserID uint64
 }

-func (usr UserInfoHandle) GetUserInfo() (userInfo UserInfo, err error) {
-	session, err := usr.svc.Client.GetSessionUser(*usr.ctx, &auth.IdMessage{
-		SessionID: usr.sessionId,
-	})
-	if err != nil {
-		return userInfo, err
-	}
-	userInfo.UserID = session.UserID
-	userInfo.Username = session.Username
-	userInfo.AvatarURL = session.AvatarURL
-	return userInfo, nil
-}
-func (usr UserInfoHandle) GetUserID() (uint64, error) {
-	session, err := usr.svc.Client.GetSessionUser(*usr.ctx, &auth.IdMessage{
-		SessionID: usr.sessionId,
-	})
-	if err != nil {
-		return 0, err
-	}
-	return session.UserID, nil
-}
-func (usr UserInfoHandle) Validate() (bool, error) {
-	validate, err := usr.svc.Client.ValidateSession(*usr.ctx, &auth.IdMessage{
-		SessionID: usr.sessionId,
-	})
-	if err != nil {
-		return false, err
-	}
-	return validate.Valid, nil
-}
-func (usr UserInfoHandle) IsSubmitter(submitter uint64) (bool, error) {
-	userId, err := usr.GetUserID()
-	if err != nil {
-		return false, err
-	}
-	return userId == submitter, nil
-}
-func (usr UserInfoHandle) hasRoles(wantRoles Roles) (bool, error) {
-	haveroles, err := usr.GetRoles()
-	if err != nil {
-		return false, err
-	}
-
-	return haveroles & wantRoles == wantRoles, nil
-}
-func (usr UserInfoHandle) GetRoles() (Roles, error) {
-	roles, err := usr.svc.Client.GetGroupRole(*usr.ctx, &auth.IdMessage{
-		SessionID: usr.sessionId,
-	})
-
-	if err != nil {
-		return RolesEmpty, err
-	}
-
-	// map roles into bitflag
-	rolesBitflag := RolesEmpty;
-	for _, r := range roles.Roles {
-		switch GroupRole(r.Rank){
-		case RoleQuat, RoleItzaname, RoleStagingDeveloper:
-			rolesBitflag|=RolesAll
-		case RoleMapAdmin:
-			rolesBitflag|=RolesMapAdmin
-		case RoleMapCouncil:
-			rolesBitflag|=RolesMapCouncil
-		case RoleMapAccess:
-			rolesBitflag|=RolesMapAccess
-		}
-	}
-	return rolesBitflag, nil
-}
-
-// RoleThumbnail
-func (usr UserInfoHandle) HasRoleMapfixUpload() (bool, error) {
-	return usr.hasRoles(RolesMapUpload)
-}
-func (usr UserInfoHandle) HasRoleMapfixReview() (bool, error) {
-	return usr.hasRoles(RolesMapReview)
-}
-func (usr UserInfoHandle) HasRoleMapDownload() (bool, error) {
-	return usr.hasRoles(RolesMapDownload)
-}
-func (usr UserInfoHandle) HasRoleSubmissionRelease() (bool, error) {
-	return usr.hasRoles(RolesSubmissionRelease)
-}
-func (usr UserInfoHandle) HasRoleSubmissionUpload() (bool, error) {
-	return usr.hasRoles(RolesMapUpload)
-}
-func (usr UserInfoHandle) HasRoleSubmissionReview() (bool, error) {
-	return usr.hasRoles(RolesMapReview)
-}
-func (usr UserInfoHandle) HasRoleScriptWrite() (bool, error) {
-	return usr.hasRoles(RolesScriptWrite)
-}
-/// Not implemented
-func (usr UserInfoHandle) HasRoleMaptest() (bool, error) {
-	println("HasRoleMaptest is not implemented!")
-	return false, nil
+func (usr UserInfo) IsSubmitter(submitter uint64) bool {
+	return usr.UserID == submitter
 }

 type SecurityHandler struct {
@@ -165,10 +50,45 @@ func (svc SecurityHandler) HandleCookieAuth(ctx context.Context, operationName a
 		return nil, ErrMissingSessionID
 	}

-	newCtx := context.WithValue(ctx, "UserInfo", UserInfoHandle{
-		svc:       &svc,
-		ctx:       &ctx,
-		sessionId: sessionId,
+	session, err := svc.Client.GetSessionUser(ctx, &auth.IdMessage{
+		SessionID: sessionId,
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	role, err := svc.Client.GetGroupRole(ctx, &auth.IdMessage{
+		SessionID: sessionId,
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	validate, err := svc.Client.ValidateSession(ctx, &auth.IdMessage{
+		SessionID: sessionId,
+	})
+	if err != nil {
+		return nil, err
+	}
+	if !validate.Valid {
+		return nil, ErrInvalidSession
+	}
+
+	roles := Roles{}
+
+	// fix this when roblox udpates group roles
+	for _, r := range role.Roles {
+		if RoleMapAdmin <= r.Rank {
+			roles.SubmissionPublish = true
+		}
+		if RoleMapCouncil <= r.Rank {
+			roles.SubmissionReview = true
+		}
+	}
+
+	newCtx := context.WithValue(ctx, "UserInfo", UserInfo{
+		Roles:  roles,
+		UserID: session.UserID,
 	})

 	return newCtx, nil
--- a/pkg/service/service.go
+++ b/pkg/service/service.go
@@ -3,9 +3,6 @@ package service
 import (
 	"context"
 	"errors"
-	"fmt"
-
-	"git.itzana.me/strafesnet/go-grpc/maps"
 	"git.itzana.me/strafesnet/maps-service/pkg/api"
 	"git.itzana.me/strafesnet/maps-service/pkg/datastore"
 	"github.com/nats-io/nats.go"
@@ -16,20 +13,11 @@ var (
 	ErrPermissionDenied = errors.New("Permission denied")
 	// ErrUserInfo user info is missing for some reason
 	ErrUserInfo = errors.New("Missing user info")
-	ErrDelayReset = errors.New("Please give the validator at least 10 seconds to operate before attempting to reset the status")
-	ErrPermissionDeniedNotSubmitter = fmt.Errorf("%w: You must be the submitter to perform this action", ErrPermissionDenied)
-	ErrPermissionDeniedNeedRoleSubmissionRelease = fmt.Errorf("%w: Need Role SubmissionRelease", ErrPermissionDenied)
-	ErrPermissionDeniedNeedRoleMapUpload = fmt.Errorf("%w: Need Role MapUpload", ErrPermissionDenied)
-	ErrPermissionDeniedNeedRoleMapReview = fmt.Errorf("%w: Need Role MapReview", ErrPermissionDenied)
-	ErrPermissionDeniedNeedRoleMapDownload = fmt.Errorf("%w: Need Role MapDownload", ErrPermissionDenied)
-	ErrPermissionDeniedNeedRoleScriptWrite = fmt.Errorf("%w: Need Role ScriptWrite", ErrPermissionDenied)
-	ErrPermissionDeniedNeedRoleMaptest = fmt.Errorf("%w: Need Role Maptest", ErrPermissionDenied)
 )

 type Service struct {
 	DB   datastore.Datastore
 	Nats nats.JetStreamContext
-	Client maps.MapsServiceClient
 }

 // NewError creates *ErrorStatusCode from error returned by handler.
@@ -37,9 +25,6 @@ type Service struct {
 // Used for common default response.
 func (svc *Service) NewError(ctx context.Context, err error) *api.ErrorStatusCode {
 	status := 500
-	if errors.Is(err, datastore.ErrNotExist) {
-		status = 404
-	}
 	if errors.Is(err, ErrPermissionDenied) {
 		status = 403
 	}
--- a/pkg/service/session.go
+++ b/pkg/service/session.go
@@ -1,68 +0,0 @@
-package service
-
-import (
-	"context"
-
-	"git.itzana.me/strafesnet/maps-service/pkg/api"
-)
-
-// SessionRoles implements getSessionRoles operation.
-//
-// Get bitflags of permissions the currently logged in user has.
-//
-// GET /session/roles
-func (svc *Service) SessionRoles(ctx context.Context) (*api.Roles, error) {
-	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
-	if !ok {
-		return nil, ErrUserInfo
-	}
-
-	roles, err := userInfo.GetRoles();
-	if err != nil {
-		return nil, err
-	}
-
-	return &api.Roles{Roles: int32(roles)}, nil
-}
-
-// SessionUser implements sessionUser operation.
-//
-// Get information about the currently logged in user.
-//
-// GET /session/roles
-func (svc *Service) SessionUser(ctx context.Context) (*api.User, error) {
-	userInfoHandle, ok := ctx.Value("UserInfo").(UserInfoHandle)
-	if !ok {
-		return nil, ErrUserInfo
-	}
-
-	userInfo, err := userInfoHandle.GetUserInfo();
-	if err != nil {
-		return nil, err
-	}
-
-	return &api.User{
-		UserID:int64(userInfo.UserID),
-		Username:userInfo.Username,
-		AvatarURL:userInfo.AvatarURL,
-	}, nil
-}
-
-// SessionUser implements sessionUser operation.
-//
-// Get information about the currently logged in user.
-//
-// GET /session/roles
-func (svc *Service) SessionValidate(ctx context.Context) (bool, error) {
-	userInfoHandle, ok := ctx.Value("UserInfo").(UserInfoHandle)
-	if !ok {
-		return false, ErrUserInfo
-	}
-
-	valid, err := userInfoHandle.Validate();
-	if err != nil {
-		return false, err
-	}
-
-	return valid, nil
-}
--- a/pkg/service/submissions.go
+++ b/pkg/service/submissions.go
@@ -3,109 +3,30 @@ package service
 import (
 	"context"
 	"encoding/json"
-	"errors"
-	"fmt"
-	"time"

-	"git.itzana.me/strafesnet/go-grpc/maps"
 	"git.itzana.me/strafesnet/maps-service/pkg/api"
 	"git.itzana.me/strafesnet/maps-service/pkg/datastore"
 	"git.itzana.me/strafesnet/maps-service/pkg/model"
 )

-var(
-	CreationPhaseSubmissionsLimit = 20
-	CreationPhaseSubmissionStatuses = []model.SubmissionStatus{
-		model.SubmissionStatusChangesRequested,
-		model.SubmissionStatusSubmitted,
-		model.SubmissionStatusUnderConstruction,
-	}
-	// prevent two mapfixes with same asset id
-	ActiveSubmissionStatuses = []model.SubmissionStatus{
-		model.SubmissionStatusUploading,
-		model.SubmissionStatusValidated,
-		model.SubmissionStatusValidating,
-		model.SubmissionStatusAccepted,
-		model.SubmissionStatusChangesRequested,
-		model.SubmissionStatusSubmitted,
-		model.SubmissionStatusUnderConstruction,
-	}
-	// limit mapfixes in the pipeline to one per target map
-	ActiveAcceptedSubmissionStatuses = []model.SubmissionStatus{
-		model.SubmissionStatusUploading,
-		model.SubmissionStatusValidated,
-		model.SubmissionStatusValidating,
-		model.SubmissionStatusAccepted,
-	}
-)
-
-var (
-	ErrCreationPhaseSubmissionsLimit = errors.New("Active submissions limited to 20")
-	ErrActiveSubmissionSameAssetID = errors.New("There is an active submission with the same AssetID")
-	ErrUploadedAssetIDAlreadyExists = errors.New("The submission UploadedAssetID is already set")
-	ErrReleaseInvalidStatus = errors.New("Only submissions with Uploaded status can be released")
-	ErrReleaseNoUploadedAssetID = errors.New("Only submissions with a UploadedAssetID can be released")
-	ErrAcceptOwnSubmission = fmt.Errorf("%w: You cannot accept your own submission as the submitter", ErrPermissionDenied)
-)
-
 // POST /submissions
 func (svc *Service) CreateSubmission(ctx context.Context, request *api.SubmissionCreate) (*api.ID, error) {
-	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
+	userInfo, ok := ctx.Value("UserInfo").(UserInfo)
 	if !ok {
 		return nil, ErrUserInfo
 	}

-	userId, err := userInfo.GetUserID()
-	if err != nil {
-		return nil, err
-	}
-
-	// Check if user's submissions in the creation phase exceeds the limit
-	{
-		filter := datastore.Optional()
-		filter.Add("submitter", int64(userId))
-		filter.Add("status_id", CreationPhaseSubmissionStatuses)
-		creation_submissions, err := svc.DB.Submissions().List(ctx, filter, model.Page{
-			Number: 1,
-			Size:   int32(CreationPhaseSubmissionsLimit),
-		},datastore.ListSortDisabled)
-		if err != nil {
-			return nil, err
-		}
-
-		if CreationPhaseSubmissionsLimit <= len(creation_submissions) {
-			return nil, ErrCreationPhaseSubmissionsLimit
-		}
-	}
-
-	// Check if an active submission with the same asset id exists
-	{
-		filter := datastore.Optional()
-		filter.Add("asset_id", request.AssetID)
-		filter.Add("asset_version", request.AssetVersion)
-		filter.Add("status_id", ActiveSubmissionStatuses)
-		active_submissions, err := svc.DB.Submissions().List(ctx, filter, model.Page{
-			Number: 1,
-			Size:   1,
-		},datastore.ListSortDisabled)
-		if err != nil {
-			return nil, err
-		}
-		if len(active_submissions) != 0{
-			return nil, ErrActiveSubmissionSameAssetID
-		}
-	}
-
 	submission, err := svc.DB.Submissions().Create(ctx, model.Submission{
 		ID:            0,
 		DisplayName:   request.DisplayName,
 		Creator:       request.Creator,
 		GameID:        request.GameID,
-		Submitter:     int64(userId),
-		AssetID:       request.AssetID,
-		AssetVersion:  request.AssetVersion,
+		Submitter:     userInfo.UserID,
+		AssetID:       uint64(request.AssetID),
+		AssetVersion:  uint64(request.AssetVersion),
 		Completed:     false,
-		StatusID:      model.SubmissionStatusUnderConstruction,
+		TargetAssetID: uint64(request.TargetAssetID.Value),
+		StatusID:      model.StatusUnderConstruction,
 	})
 	if err != nil {
 		return nil, err
@@ -136,9 +57,8 @@ func (svc *Service) GetSubmission(ctx context.Context, params api.GetSubmissionP
 		AssetID:       int64(submission.AssetID),
 		AssetVersion:  int64(submission.AssetVersion),
 		Completed:     submission.Completed,
-		UploadedAssetID: api.NewOptInt64(int64(submission.UploadedAssetID)),
+		TargetAssetID: api.NewOptInt64(int64(submission.TargetAssetID)),
 		StatusID:      int32(submission.StatusID),
-		StatusMessage: submission.StatusMessage,
 	}, nil
 }

@@ -147,44 +67,38 @@ func (svc *Service) GetSubmission(ctx context.Context, params api.GetSubmissionP
 // Get list of submissions.
 //
 // GET /submissions
-func (svc *Service) ListSubmissions(ctx context.Context, params api.ListSubmissionsParams) ([]api.Submission, error) {
+func (svc *Service) ListSubmissions(ctx context.Context, request api.ListSubmissionsParams) ([]api.Submission, error) {
 	filter := datastore.Optional()
-
-	if params.DisplayName.IsSet(){
-		filter.Add("display_name", params.DisplayName.Value)
+	//fmt.Println(request)
+	if request.Filter.IsSet() {
+		filter.AddNotNil("display_name", request.Filter.Value.DisplayName)
+		filter.AddNotNil("creator", request.Filter.Value.Creator)
+		filter.AddNotNil("game_id", request.Filter.Value.GameID)
 	}
-	if params.Creator.IsSet(){
-		filter.Add("creator", params.Creator.Value)
-	}
-	if params.GameID.IsSet(){
-		filter.Add("game_id", params.GameID.Value)
-	}
-
-	sort := datastore.ListSort(params.Sort.Or(int32(datastore.ListSortDisabled)))

 	items, err := svc.DB.Submissions().List(ctx, filter, model.Page{
-		Number: params.Page,
-		Size:   params.Limit,
-	},sort)
+		Number: request.Page.GetPage(),
+		Size:   request.Page.GetLimit(),
+	})
 	if err != nil {
 		return nil, err
 	}

 	var resp []api.Submission
-	for _, item := range items {
+	for i := 0; i < len(items); i++ {
 		resp = append(resp, api.Submission{
-			ID:            item.ID,
-			DisplayName:   item.DisplayName,
-			Creator:       item.Creator,
-			GameID:        item.GameID,
-			CreatedAt:     item.CreatedAt.Unix(),
-			UpdatedAt:     item.UpdatedAt.Unix(),
-			Submitter:     int64(item.Submitter),
-			AssetID:       int64(item.AssetID),
-			AssetVersion:  int64(item.AssetVersion),
-			Completed:     item.Completed,
-			UploadedAssetID: api.NewOptInt64(int64(item.UploadedAssetID)),
-			StatusID:      int32(item.StatusID),
+			ID:            items[i].ID,
+			DisplayName:   items[i].DisplayName,
+			Creator:       items[i].Creator,
+			GameID:        items[i].GameID,
+			CreatedAt:     items[i].CreatedAt.Unix(),
+			UpdatedAt:     items[i].UpdatedAt.Unix(),
+			Submitter:     int64(items[i].Submitter),
+			AssetID:       int64(items[i].AssetID),
+			AssetVersion:  int64(items[i].AssetVersion),
+			Completed:     items[i].Completed,
+			TargetAssetID: api.NewOptInt64(int64(items[i].TargetAssetID)),
+			StatusID:      int32(items[i].StatusID),
 		})
 	}

@@ -197,32 +111,29 @@ func (svc *Service) ListSubmissions(ctx context.Context, params api.ListSubmissi
 //
 // POST /submissions/{SubmissionID}/completed
 func (svc *Service) SetSubmissionCompleted(ctx context.Context, params api.SetSubmissionCompletedParams) error {
-	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
+	userInfo, ok := ctx.Value("UserInfo").(UserInfo)
 	if !ok {
 		return ErrUserInfo
 	}

-	has_role, err := userInfo.HasRoleMaptest()
-	if err != nil {
-		return err
-	}
 	// check if caller has MaptestGame role (request must originate from a maptest roblox game)
-	if !has_role {
-		return ErrPermissionDeniedNeedRoleMaptest
+	if !userInfo.Roles.Maptest {
+		return ErrPermissionDenied
 	}

 	pmap := datastore.Optional()
 	pmap.Add("completed", true)
-	return svc.DB.Submissions().Update(ctx, params.SubmissionID, pmap)
+	err := svc.DB.Submissions().Update(ctx, params.SubmissionID, pmap)
+	return err
 }

-// UpdateSubmissionModel implements patchSubmissionModel operation.
+// PatchSubmissionModel implements patchSubmissionModel operation.
 //
 // Update model following role restrictions.
 //
 // POST /submissions/{SubmissionID}/model
 func (svc *Service) UpdateSubmissionModel(ctx context.Context, params api.UpdateSubmissionModelParams) error {
-	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
+	userInfo, ok := ctx.Value("UserInfo").(UserInfo)
 	if !ok {
 		return ErrUserInfo
 	}
@@ -233,13 +144,9 @@ func (svc *Service) UpdateSubmissionModel(ctx context.Context, params api.Update
 		return err
 	}

-	has_role, err := userInfo.IsSubmitter(uint64(submission.Submitter))
-	if err != nil {
-		return err
-	}
 	// check if caller is the submitter
-	if !has_role {
-		return ErrPermissionDeniedNotSubmitter
+	if !userInfo.IsSubmitter(submission.Submitter) {
+		return ErrPermissionDenied
 	}

 	// check if Status is ChangesRequested|Submitted|UnderConstruction
@@ -248,7 +155,21 @@ func (svc *Service) UpdateSubmissionModel(ctx context.Context, params api.Update
 	pmap.AddNotNil("asset_version", params.VersionID)
 	//always reset completed when model changes
 	pmap.Add("completed", false)
-	return svc.DB.Submissions().IfStatusThenUpdate(ctx, params.SubmissionID, []model.SubmissionStatus{model.SubmissionStatusChangesRequested, model.SubmissionStatusSubmitted, model.SubmissionStatusUnderConstruction}, pmap)
+	return svc.DB.Submissions().IfStatusThenUpdate(ctx, params.SubmissionID, []model.Status{model.StatusChangesRequested, model.StatusSubmitted, model.StatusUnderConstruction}, pmap)
+}
+
+// ActionSubmissionPublish invokes actionSubmissionPublish operation.
+//
+// Role Validator changes status from Publishing -> Published.
+//
+// POST /submissions/{SubmissionID}/status/publish
+func (svc *Service) ActionSubmissionPublish(ctx context.Context, params api.ActionSubmissionPublishParams) error {
+	println("[ActionSubmissionPublish] Implicit Validator permission granted!")
+
+	// transaction
+	smap := datastore.Optional()
+	smap.Add("status_id", model.StatusPublished)
+	return svc.DB.Submissions().IfStatusThenUpdate(ctx, params.SubmissionID, []model.Status{model.StatusPublishing}, smap)
 }

 // ActionSubmissionReject invokes actionSubmissionReject operation.
@@ -257,24 +178,20 @@ func (svc *Service) UpdateSubmissionModel(ctx context.Context, params api.Update
 //
 // POST /submissions/{SubmissionID}/status/reject
 func (svc *Service) ActionSubmissionReject(ctx context.Context, params api.ActionSubmissionRejectParams) error {
-	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
+	userInfo, ok := ctx.Value("UserInfo").(UserInfo)
 	if !ok {
 		return ErrUserInfo
 	}

-	has_role, err := userInfo.HasRoleSubmissionReview()
-	if err != nil {
-		return err
-	}
 	// check if caller has required role
-	if !has_role {
-		return ErrPermissionDeniedNeedRoleMapReview
+	if !userInfo.Roles.SubmissionReview {
+		return ErrPermissionDenied
 	}

 	// transaction
 	smap := datastore.Optional()
-	smap.Add("status_id", model.SubmissionStatusRejected)
-	return svc.DB.Submissions().IfStatusThenUpdate(ctx, params.SubmissionID, []model.SubmissionStatus{model.SubmissionStatusSubmitted}, smap)
+	smap.Add("status_id", model.StatusRejected)
+	return svc.DB.Submissions().IfStatusThenUpdate(ctx, params.SubmissionID, []model.Status{model.StatusSubmitted}, smap)
 }

 // ActionSubmissionRequestChanges invokes actionSubmissionRequestChanges operation.
@@ -283,24 +200,20 @@ func (svc *Service) ActionSubmissionReject(ctx context.Context, params api.Actio
 //
 // POST /submissions/{SubmissionID}/status/request-changes
 func (svc *Service) ActionSubmissionRequestChanges(ctx context.Context, params api.ActionSubmissionRequestChangesParams) error {
-	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
+	userInfo, ok := ctx.Value("UserInfo").(UserInfo)
 	if !ok {
 		return ErrUserInfo
 	}

-	has_role, err := userInfo.HasRoleSubmissionReview()
-	if err != nil {
-		return err
-	}
 	// check if caller has required role
-	if !has_role {
-		return ErrPermissionDeniedNeedRoleMapReview
+	if !userInfo.Roles.SubmissionReview {
+		return ErrPermissionDenied
 	}

 	// transaction
 	smap := datastore.Optional()
-	smap.Add("status_id", model.SubmissionStatusChangesRequested)
-	return svc.DB.Submissions().IfStatusThenUpdate(ctx, params.SubmissionID, []model.SubmissionStatus{model.SubmissionStatusValidated, model.SubmissionStatusAccepted, model.SubmissionStatusSubmitted}, smap)
+	smap.Add("status_id", model.StatusChangesRequested)
+	return svc.DB.Submissions().IfStatusThenUpdate(ctx, params.SubmissionID, []model.Status{model.StatusValidated, model.StatusAccepted, model.StatusSubmitted}, smap)
 }

 // ActionSubmissionRevoke invokes actionSubmissionRevoke operation.
@@ -309,7 +222,7 @@ func (svc *Service) ActionSubmissionRequestChanges(ctx context.Context, params a
 //
 // POST /submissions/{SubmissionID}/status/revoke
 func (svc *Service) ActionSubmissionRevoke(ctx context.Context, params api.ActionSubmissionRevokeParams) error {
-	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
+	userInfo, ok := ctx.Value("UserInfo").(UserInfo)
 	if !ok {
 		return ErrUserInfo
 	}
@@ -320,19 +233,15 @@ func (svc *Service) ActionSubmissionRevoke(ctx context.Context, params api.Actio
 		return err
 	}

-	has_role, err := userInfo.IsSubmitter(uint64(submission.Submitter))
-	if err != nil {
-		return err
-	}
 	// check if caller is the submitter
-	if !has_role {
-		return ErrPermissionDeniedNotSubmitter
+	if !userInfo.IsSubmitter(submission.Submitter) {
+		return ErrPermissionDenied
 	}

 	// transaction
 	smap := datastore.Optional()
-	smap.Add("status_id", model.SubmissionStatusUnderConstruction)
-	return svc.DB.Submissions().IfStatusThenUpdate(ctx, params.SubmissionID, []model.SubmissionStatus{model.SubmissionStatusSubmitted, model.SubmissionStatusChangesRequested}, smap)
+	smap.Add("status_id", model.StatusUnderConstruction)
+	return svc.DB.Submissions().IfStatusThenUpdate(ctx, params.SubmissionID, []model.Status{model.StatusSubmitted, model.StatusChangesRequested}, smap)
 }

 // ActionSubmissionSubmit invokes actionSubmissionSubmit operation.
@@ -341,7 +250,7 @@ func (svc *Service) ActionSubmissionRevoke(ctx context.Context, params api.Actio
 //
 // POST /submissions/{SubmissionID}/status/submit
 func (svc *Service) ActionSubmissionSubmit(ctx context.Context, params api.ActionSubmissionSubmitParams) error {
-	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
+	userInfo, ok := ctx.Value("UserInfo").(UserInfo)
 	if !ok {
 		return ErrUserInfo
 	}
@@ -352,325 +261,130 @@ func (svc *Service) ActionSubmissionSubmit(ctx context.Context, params api.Actio
 		return err
 	}

-	has_role, err := userInfo.IsSubmitter(uint64(submission.Submitter))
-	if err != nil {
-		return err
-	}
 	// check if caller is the submitter
-	if !has_role {
-		return ErrPermissionDeniedNotSubmitter
+	if !userInfo.IsSubmitter(submission.Submitter) {
+		return ErrPermissionDenied
 	}

 	// transaction
 	smap := datastore.Optional()
-	smap.Add("status_id", model.SubmissionStatusSubmitted)
-	return svc.DB.Submissions().IfStatusThenUpdate(ctx, params.SubmissionID, []model.SubmissionStatus{model.SubmissionStatusUnderConstruction, model.SubmissionStatusChangesRequested}, smap)
+	smap.Add("status_id", model.StatusSubmitted)
+	return svc.DB.Submissions().IfStatusThenUpdate(ctx, params.SubmissionID, []model.Status{model.StatusUnderConstruction, model.StatusChangesRequested}, smap)
 }

-// ActionSubmissionTriggerUpload invokes actionSubmissionTriggerUpload operation.
+// ActionSubmissionTriggerPublish invokes actionSubmissionTriggerPublish operation.
 //
-// Role Admin changes status from Validated -> Uploading.
+// Role Admin changes status from Validated -> Publishing.
 //
-// POST /submissions/{SubmissionID}/status/trigger-upload
-func (svc *Service) ActionSubmissionTriggerUpload(ctx context.Context, params api.ActionSubmissionTriggerUploadParams) error {
-	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
+// POST /submissions/{SubmissionID}/status/trigger-publish
+func (svc *Service) ActionSubmissionTriggerPublish(ctx context.Context, params api.ActionSubmissionTriggerPublishParams) error {
+	userInfo, ok := ctx.Value("UserInfo").(UserInfo)
 	if !ok {
 		return ErrUserInfo
 	}

-	has_role, err := userInfo.HasRoleSubmissionUpload()
-	if err != nil {
-		return err
-	}
 	// check if caller has required role
-	if !has_role {
-		return ErrPermissionDeniedNeedRoleMapUpload
+	if !userInfo.Roles.SubmissionPublish {
+		return ErrPermissionDenied
 	}

 	// transaction
 	smap := datastore.Optional()
-	smap.Add("status_id", model.SubmissionStatusUploading)
-	submission, err := svc.DB.Submissions().IfStatusThenUpdateAndGet(ctx, params.SubmissionID, []model.SubmissionStatus{model.SubmissionStatusValidated}, smap)
+	smap.Add("status_id", model.StatusPublishing)
+	submission, err := svc.DB.Submissions().IfStatusThenUpdateAndGet(ctx, params.SubmissionID, []model.Status{model.StatusValidated}, smap)
 	if err != nil {
 		return err
 	}

 	// sentinel value because we are not using rust
-	if submission.UploadedAssetID == 0 {
+	if submission.TargetAssetID == 0 {
 		// this is a new map
-		upload_new_request := model.UploadNewRequest{
+		publish_new_request := model.PublishNewRequest{
 			SubmissionID: submission.ID,
-			ModelID:      submission.ValidatedAssetID,
-			ModelVersion: submission.ValidatedAssetVersion,
-			// upload as displayname, whatever
-			ModelName:    submission.DisplayName,
+			ModelID:      submission.AssetID,
+			ModelVersion: submission.AssetVersion,
+			Creator:      submission.Creator,
+			DisplayName:  submission.DisplayName,
+			GameID:       uint32(submission.GameID),
 		}

-		j, err := json.Marshal(upload_new_request)
+		j, err := json.Marshal(publish_new_request)
 		if err != nil {
 			return err
 		}

-		svc.Nats.Publish("maptest.submissions.upload", []byte(j))
+		svc.Nats.Publish("maptest.submissions.publish.new", []byte(j))
 	} else {
-		// refuse to operate
-		return ErrUploadedAssetIDAlreadyExists
+		// this is a map fix
+		publish_fix_request := model.PublishFixRequest{
+			SubmissionID:  submission.ID,
+			ModelID:       submission.AssetID,
+			ModelVersion:  submission.AssetVersion,
+			TargetAssetID: submission.TargetAssetID,
+		}
+
+		j, err := json.Marshal(publish_fix_request)
+		if err != nil {
+			return err
+		}
+
+		svc.Nats.Publish("maptest.submissions.publish.fix", []byte(j))
 	}

 	return nil
 }

+// ActionSubmissionTriggerValidate invokes actionSubmissionTriggerValidate operation.
+//
+// Role Reviewer triggers validation and changes status from Submitted|Accepted -> Validating.
+//
+// POST /submissions/{SubmissionID}/status/trigger-validate
+func (svc *Service) ActionSubmissionTriggerValidate(ctx context.Context, params api.ActionSubmissionTriggerValidateParams) error {
+	userInfo, ok := ctx.Value("UserInfo").(UserInfo)
+	if !ok {
+		return ErrUserInfo
+	}
+
+	// check if caller has required role
+	if !userInfo.Roles.SubmissionReview {
+		return ErrPermissionDenied
+	}
+
+	// transaction
+	smap := datastore.Optional()
+	smap.Add("status_id", model.StatusValidating)
+	submission, err := svc.DB.Submissions().IfStatusThenUpdateAndGet(ctx, params.SubmissionID, []model.Status{model.StatusSubmitted, model.StatusAccepted}, smap)
+	if err != nil {
+		return err
+	}
+
+	validate_request := model.ValidateRequest{
+		SubmissionID:     submission.ID,
+		ModelID:          submission.AssetID,
+		ModelVersion:     submission.AssetVersion,
+		ValidatedModelID: 0, //TODO: reuse velidation models
+	}
+
+	j, err := json.Marshal(validate_request)
+	if err != nil {
+		return err
+	}
+
+	svc.Nats.Publish("maptest.submissions.validate", []byte(j))
+
+	return nil
+}
+
 // ActionSubmissionValidate invokes actionSubmissionValidate operation.
 //
-// Role SubmissionRelease changes status from Uploading -> Validated.
+// Role Validator changes status from Validating -> Validated.
 //
-// POST /submissions/{SubmissionID}/status/reset-uploading
-func (svc *Service) ActionSubmissionValidated(ctx context.Context, params api.ActionSubmissionValidatedParams) error {
-	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
-	if !ok {
-		return ErrUserInfo
-	}
-
-	has_role, err := userInfo.HasRoleSubmissionUpload()
-	if err != nil {
-		return err
-	}
-	// check if caller has required role
-	if !has_role {
-		return ErrPermissionDeniedNeedRoleMapUpload
-	}
-
-	// check when submission was updated
-	submission, err := svc.DB.Submissions().Get(ctx, params.SubmissionID)
-	if err != nil {
-		return err
-	}
-	if time.Now().Before(submission.UpdatedAt.Add(time.Second*10)) {
-		// the last time the submission was updated must be longer than 10 seconds ago
-		return ErrDelayReset
-	}
+// POST /submissions/{SubmissionID}/status/validate
+func (svc *Service) ActionSubmissionValidate(ctx context.Context, params api.ActionSubmissionValidateParams) error {
+	println("[ActionSubmissionValidate] Implicit Validator permission granted!")

 	// transaction
 	smap := datastore.Optional()
-	smap.Add("status_id", model.SubmissionStatusValidated)
-	return svc.DB.Submissions().IfStatusThenUpdate(ctx, params.SubmissionID, []model.SubmissionStatus{model.SubmissionStatusUploading}, smap)
-}
-
-// ActionSubmissionTriggerValidate invokes actionSubmissionTriggerValidate operation.
-//
-// Role Reviewer triggers validation and changes status from Submitted -> Validating.
-//
-// POST /submissions/{SubmissionID}/status/trigger-validate
-func (svc *Service) ActionSubmissionTriggerValidate(ctx context.Context, params api.ActionSubmissionTriggerValidateParams) error {
-	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
-	if !ok {
-		return ErrUserInfo
-	}
-
-	has_role, err := userInfo.HasRoleSubmissionReview()
-	if err != nil {
-		return err
-	}
-	// check if caller has required role
-	if !has_role {
-		return ErrPermissionDeniedNeedRoleMapReview
-	}
-
-	// read submission (this could be done with a transaction WHERE clause)
-	submission, err := svc.DB.Submissions().Get(ctx, params.SubmissionID)
-	if err != nil {
-		return err
-	}
-
-	has_role, err = userInfo.IsSubmitter(uint64(submission.Submitter))
-	if err != nil {
-		return err
-	}
-	// check if caller is NOT the submitter
-	if has_role {
-		return ErrAcceptOwnSubmission
-	}
-
-	// transaction
-	smap := datastore.Optional()
-	smap.Add("status_id", model.SubmissionStatusValidating)
-	submission, err = svc.DB.Submissions().IfStatusThenUpdateAndGet(ctx, params.SubmissionID, []model.SubmissionStatus{model.SubmissionStatusSubmitted}, smap)
-	if err != nil {
-		return err
-	}
-
-	validate_request := model.ValidateRequest{
-		SubmissionID:     submission.ID,
-		ModelID:          submission.AssetID,
-		ModelVersion:     submission.AssetVersion,
-		ValidatedModelID: nil,
-	}
-
-	// sentinel values because we're not using rust
-	if submission.ValidatedAssetID != 0 {
-		validate_request.ValidatedModelID = &submission.ValidatedAssetID
-	}
-
-	j, err := json.Marshal(validate_request)
-	if err != nil {
-		return err
-	}
-
-	svc.Nats.Publish("maptest.submissions.validate", []byte(j))
-
-	return nil
-}
-
-// ActionSubmissionRetryValidate invokes actionSubmissionRetryValidate operation.
-//
-// Role Reviewer re-runs validation and changes status from Accepted -> Validating.
-//
-// POST /submissions/{SubmissionID}/status/retry-validate
-func (svc *Service) ActionSubmissionRetryValidate(ctx context.Context, params api.ActionSubmissionRetryValidateParams) error {
-	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
-	if !ok {
-		return ErrUserInfo
-	}
-
-	has_role, err := userInfo.HasRoleSubmissionReview()
-	if err != nil {
-		return err
-	}
-	// check if caller has required role
-	if !has_role {
-		return ErrPermissionDeniedNeedRoleMapReview
-	}
-
-	// transaction
-	smap := datastore.Optional()
-	smap.Add("status_id", model.SubmissionStatusValidating)
-	submission, err := svc.DB.Submissions().IfStatusThenUpdateAndGet(ctx, params.SubmissionID, []model.SubmissionStatus{model.SubmissionStatusAccepted}, smap)
-	if err != nil {
-		return err
-	}
-
-	validate_request := model.ValidateRequest{
-		SubmissionID:     submission.ID,
-		ModelID:          submission.AssetID,
-		ModelVersion:     submission.AssetVersion,
-		ValidatedModelID: nil,
-	}
-
-	// sentinel values because we're not using rust
-	if submission.ValidatedAssetID != 0 {
-		validate_request.ValidatedModelID = &submission.ValidatedAssetID
-	}
-
-	j, err := json.Marshal(validate_request)
-	if err != nil {
-		return err
-	}
-
-	svc.Nats.Publish("maptest.submissions.validate", []byte(j))
-
-	return nil
-}
-
-// ActionSubmissionAccepted implements actionSubmissionAccepted operation.
-//
-// Role SubmissionReview changes status from Validating -> Accepted.
-//
-// POST /submissions/{SubmissionID}/status/reset-validating
-func (svc *Service) ActionSubmissionAccepted(ctx context.Context, params api.ActionSubmissionAcceptedParams) error {
-	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
-	if !ok {
-		return ErrUserInfo
-	}
-
-	has_role, err := userInfo.HasRoleSubmissionReview()
-	if err != nil {
-		return err
-	}
-	// check if caller has required role
-	if !has_role {
-		return ErrPermissionDeniedNeedRoleMapReview
-	}
-
-	// check when submission was updated
-	submission, err := svc.DB.Submissions().Get(ctx, params.SubmissionID)
-	if err != nil {
-		return err
-	}
-	if time.Now().Before(submission.UpdatedAt.Add(time.Second*10)) {
-		// the last time the submission was updated must be longer than 10 seconds ago
-		return ErrDelayReset
-	}
-
-	// transaction
-	smap := datastore.Optional()
-	smap.Add("status_id", model.SubmissionStatusAccepted)
-	smap.Add("status_message", "Manually forced reset")
-	return svc.DB.Submissions().IfStatusThenUpdate(ctx, params.SubmissionID, []model.SubmissionStatus{model.SubmissionStatusValidating}, smap)
-}
-
-// ReleaseSubmissions invokes releaseSubmissions operation.
-//
-// Release a set of uploaded maps.
-//
-// POST /release-submissions
-func (svc *Service) ReleaseSubmissions(ctx context.Context, request []api.ReleaseInfo) error {
-	userInfo, ok := ctx.Value("UserInfo").(UserInfoHandle)
-	if !ok {
-		return ErrUserInfo
-	}
-
-	has_role, err := userInfo.HasRoleSubmissionRelease()
-	if err != nil {
-		return err
-	}
-	// check if caller has required role
-	if !has_role {
-		return ErrPermissionDeniedNeedRoleSubmissionRelease
-	}
-
-	idList := make([]int64, len(request))
-	for i, releaseInfo := range request {
-		idList[i] = releaseInfo.SubmissionID
-	}
-
-	// fetch submissions
-	submissions, err := svc.DB.Submissions().GetList(ctx, idList)
-	if err != nil {
-		return err
-	}
-
-	// check each submission to make sure it is ready to release
-	for _,submission := range submissions{
-		if submission.StatusID != model.SubmissionStatusUploaded{
-			return ErrReleaseInvalidStatus
-		}
-		if submission.UploadedAssetID == 0{
-			return ErrReleaseNoUploadedAssetID
-		}
-	}
-
-	for i,submission := range submissions{
-		date := request[i].Date.Unix()
-		// create each map with go-grpc
-		_, err := svc.Client.Create(ctx, &maps.MapRequest{
-			ID:          submission.UploadedAssetID,
-			DisplayName: &submission.DisplayName,
-			Creator:     &submission.Creator,
-			GameID:      &submission.GameID,
-			Date:        &date,
-		})
-		if err != nil {
-			return err
-		}
-
-		// update each status to Released
-		smap := datastore.Optional()
-		smap.Add("status_id", model.SubmissionStatusReleased)
-		err = svc.DB.Submissions().IfStatusThenUpdate(ctx, submission.ID, []model.SubmissionStatus{model.SubmissionStatusUploaded}, smap)
-		if err != nil {
-			return err
-		}
-	}
-
-	return nil
+	smap.Add("status_id", model.StatusValidated)
+	return svc.DB.Submissions().IfStatusThenUpdate(ctx, params.SubmissionID, []model.Status{model.StatusValidating}, smap)
 }
--- a/pkg/service_internal/script_policy.go
+++ b/pkg/service_internal/script_policy.go
@@ -1,80 +0,0 @@
-package service_internal
-
-import (
-	"context"
-
-	"git.itzana.me/strafesnet/maps-service/pkg/datastore"
-	"git.itzana.me/strafesnet/maps-service/pkg/internal"
-	"git.itzana.me/strafesnet/maps-service/pkg/model"
-)
-
-// CreateScriptPolicy implements createScriptPolicy operation.
-//
-// Create a new script policy.
-//
-// POST /script-policy
-func (svc *Service) CreateScriptPolicy(ctx context.Context, req *api.ScriptPolicyCreate) (*api.ID, error) {
-	from_script, err := svc.DB.Scripts().Get(ctx, req.FromScriptID)
-	if err != nil {
-		return nil, err
-	}
-
-	// the existence of ToScriptID does not need to be validated because it's checked by a foreign key constraint.
-
-	script, err := svc.DB.ScriptPolicy().Create(ctx, model.ScriptPolicy{
-		ID:             0,
-		FromScriptHash: from_script.Hash,
-		ToScriptID:     req.ToScriptID,
-		Policy:         model.Policy(req.Policy),
-	})
-	if err != nil {
-		return nil, err
-	}
-
-	return &api.ID{
-		ID: script.ID,
-	}, nil
-}
-
-// ListScriptPolicy implements listScriptPolicy operation.
-//
-// Get list of script policies.
-//
-// GET /script-policy
-func (svc *Service) ListScriptPolicy(ctx context.Context, params api.ListScriptPolicyParams) ([]api.ScriptPolicy, error) {
-	filter := datastore.Optional()
-
-	if params.FromScriptHash.IsSet(){
-		hash, err := model.HashParse(params.FromScriptHash.Value)
-		if err != nil {
-			return nil, err
-		}
-		filter.AddNotNil("from_script_hash", int64(hash)) // No type safety!
-	}
-	if params.ToScriptID.IsSet(){
-		filter.AddNotNil("to_script_id", params.ToScriptID.Value)
-	}
-	if params.Policy.IsSet(){
-		filter.AddNotNil("policy", params.Policy.Value)
-	}
-
-	items, err := svc.DB.ScriptPolicy().List(ctx, filter, model.Page{
-		Number: params.Page,
-		Size:   params.Limit,
-	})
-	if err != nil {
-		return nil, err
-	}
-
-	var resp []api.ScriptPolicy
-	for _, item := range items {
-		resp = append(resp, api.ScriptPolicy{
-			ID:             item.ID,
-			FromScriptHash: model.HashFormat(uint64(item.FromScriptHash)),
-			ToScriptID:     item.ToScriptID,
-			Policy:         int32(item.Policy),
-		})
-	}
-
-	return resp, nil
-}
--- a/pkg/service_internal/scripts.go
+++ b/pkg/service_internal/scripts.go
@@ -1,100 +0,0 @@
-package service_internal
-
-import (
-	"context"
-
-	"git.itzana.me/strafesnet/maps-service/pkg/datastore"
-	"git.itzana.me/strafesnet/maps-service/pkg/internal"
-	"git.itzana.me/strafesnet/maps-service/pkg/model"
-)
-
-// CreateScript implements createScript operation.
-//
-// Create a new script.
-//
-// POST /scripts
-func (svc *Service) CreateScript(ctx context.Context, req *api.ScriptCreate) (*api.ID, error) {
-	script, err := svc.DB.Scripts().Create(ctx, model.Script{
-		ID:           0,
-		Name:         req.Name,
-		Hash:         int64(model.HashSource(req.Source)),
-		Source:       req.Source,
-		ResourceType: model.ResourceType(req.ResourceType),
-		ResourceID:   req.ResourceID.Or(0),
-	})
-	if err != nil {
-		return nil, err
-	}
-
-	return &api.ID{
-		ID: script.ID,
-	}, nil
-}
-
-// ListScripts implements listScripts operation.
-//
-// Get list of scripts.
-//
-// GET /scripts
-func (svc *Service) ListScripts(ctx context.Context, params api.ListScriptsParams) ([]api.Script, error) {
-	filter := datastore.Optional()
-
-	if params.Hash.IsSet(){
-		hash, err := model.HashParse(params.Hash.Value)
-		if err != nil {
-			return nil, err
-		}
-		filter.AddNotNil("hash", int64(hash)) // No type safety!
-	}
-	if params.Name.IsSet(){
-		filter.AddNotNil("name", params.Name.Value)
-	}
-	if params.Source.IsSet(){
-		filter.AddNotNil("source", params.Source.Value)
-	}
-	if params.SubmissionID.IsSet(){
-		filter.AddNotNil("submission_id", params.SubmissionID.Value)
-	}
-
-	items, err := svc.DB.Scripts().List(ctx, filter, model.Page{
-		Number: params.Page,
-		Size:   params.Limit,
-	})
-	if err != nil {
-		return nil, err
-	}
-
-	var resp []api.Script
-	for _, item := range items {
-		resp = append(resp, api.Script{
-			ID:           item.ID,
-			Hash:         model.HashFormat(uint64(item.Hash)),
-			Source:       item.Source,
-			ResourceType: int32(item.ResourceType),
-			ResourceID:   item.ResourceID,
-		})
-	}
-
-	return resp, nil
-}
-
-// GetScript implements getScript operation.
-//
-// Get the specified script by ID.
-//
-// GET /scripts/{ScriptID}
-func (svc *Service) GetScript(ctx context.Context, params api.GetScriptParams) (*api.Script, error) {
-	script, err := svc.DB.Scripts().Get(ctx, params.ScriptID)
-	if err != nil {
-		return nil, err
-	}
-
-	return &api.Script{
-		ID:           script.ID,
-		Name:         script.Name,
-		Hash:         model.HashFormat(uint64(script.Hash)),
-		Source:       script.Source,
-		ResourceType: int32(script.ResourceType),
-		ResourceID:   script.ResourceID,
-	}, nil
-}
--- a/pkg/service_internal/service_internal.go
+++ b/pkg/service_internal/service_internal.go
@@ -1,30 +0,0 @@
-package service_internal
-
-import (
-	"context"
-	"errors"
-
-	"git.itzana.me/strafesnet/maps-service/pkg/datastore"
-	internal "git.itzana.me/strafesnet/maps-service/pkg/internal"
-	"github.com/nats-io/nats.go"
-)
-
-type Service struct {
-	DB   datastore.Datastore
-	Nats nats.JetStreamContext
-}
-
-// yay duplicate code
-func (svc *Service) NewError(ctx context.Context, err error) *internal.ErrorStatusCode {
-	status := 500
-	if errors.Is(err, datastore.ErrNotExist) {
-		status = 404
-	}
-	return &internal.ErrorStatusCode{
-		StatusCode: status,
-		Response: internal.Error{
-			Code:    int64(status),
-			Message: err.Error(),
-		},
-	}
-}
--- a/pkg/service_internal/submissions.go
+++ b/pkg/service_internal/submissions.go
@@ -1,62 +0,0 @@
-package service_internal
-
-import (
-	"context"
-
-	internal "git.itzana.me/strafesnet/maps-service/pkg/internal"
-	"git.itzana.me/strafesnet/maps-service/pkg/datastore"
-	"git.itzana.me/strafesnet/maps-service/pkg/model"
-)
-
-// UpdateSubmissionValidatedModel implements patchSubmissionModel operation.
-//
-// Update model following role restrictions.
-//
-// POST /submissions/{SubmissionID}/validated-model
-func (svc *Service) UpdateSubmissionValidatedModel(ctx context.Context, params internal.UpdateSubmissionValidatedModelParams) error {
-	// check if Status is ChangesRequested|Submitted|UnderConstruction
-	pmap := datastore.Optional()
-	pmap.AddNotNil("validated_asset_id", params.ValidatedModelID)
-	pmap.AddNotNil("validated_asset_version", params.ValidatedModelVersion)
-	// DO NOT reset completed when validated model is updated
-	// pmap.Add("completed", false)
-	return svc.DB.Submissions().IfStatusThenUpdate(ctx, params.SubmissionID, []model.SubmissionStatus{model.SubmissionStatusValidating}, pmap)
-}
-
-// ActionSubmissionValidate invokes actionSubmissionValidate operation.
-//
-// Role Validator changes status from Validating -> Validated.
-//
-// POST /submissions/{SubmissionID}/status/validator-validated
-func (svc *Service) ActionSubmissionValidated(ctx context.Context, params internal.ActionSubmissionValidatedParams) error {
-	// transaction
-	smap := datastore.Optional()
-	smap.Add("status_id", model.SubmissionStatusValidated)
-	return svc.DB.Submissions().IfStatusThenUpdate(ctx, params.SubmissionID, []model.SubmissionStatus{model.SubmissionStatusValidating}, smap)
-}
-
-// ActionSubmissionAccepted implements actionSubmissionAccepted operation.
-//
-// (Internal endpoint) Role Validator changes status from Validating -> Accepted.
-//
-// POST /submissions/{SubmissionID}/status/validator-failed
-func (svc *Service) ActionSubmissionAccepted(ctx context.Context, params internal.ActionSubmissionAcceptedParams) error {
-	// transaction
-	smap := datastore.Optional()
-	smap.Add("status_id", model.SubmissionStatusAccepted)
-	smap.Add("status_message", params.StatusMessage)
-	return svc.DB.Submissions().IfStatusThenUpdate(ctx, params.SubmissionID, []model.SubmissionStatus{model.SubmissionStatusValidating}, smap)
-}
-
-// ActionSubmissionUploaded implements actionSubmissionUploaded operation.
-//
-// (Internal endpoint) Role Validator changes status from Uploading -> Uploaded.
-//
-// POST /submissions/{SubmissionID}/status/validator-uploaded
-func (svc *Service) ActionSubmissionUploaded(ctx context.Context, params internal.ActionSubmissionUploadedParams) error {
-	// transaction
-	smap := datastore.Optional()
-	smap.Add("status_id", model.SubmissionStatusUploaded)
-	smap.Add("uploaded_asset_id", params.UploadedAssetID)
-	return svc.DB.Submissions().IfStatusThenUpdate(ctx, params.SubmissionID, []model.SubmissionStatus{model.SubmissionStatusUploading}, smap)
-}
--- a/validation/.dockerignore
+++ b/validation/.dockerignore
--- a/validation/Cargo.lock
+++ b/validation/Cargo.lock
--- a/validation/Cargo.toml
+++ b/validation/Cargo.toml
@@ -1,18 +1,20 @@
 [package]
 name = "maps-validation"
-version = "0.1.1"
+version = "0.1.0"
 edition = "2021"

 [dependencies]
-submissions-api = { path = "api", features = ["internal"], default-features = false, registry = "strafesnet" }
-async-nats = "0.40.0"
+api = { path = "api" }
+async-nats = "0.38.0"
 futures = "0.3.31"
-rbx_asset = { version = "0.2.5", registry = "strafesnet" }
+rbx_asset = { version = "0.2.3", registry = "strafesnet" }
 rbx_binary = { version = "0.7.4", registry = "strafesnet"}
 rbx_dom_weak = { version = "2.9.0", registry = "strafesnet"}
 rbx_reflection_database = { version = "0.2.12", registry = "strafesnet"}
 rbx_xml = { version = "0.13.3", registry = "strafesnet"}
+rust-grpc = { version = "1.0.3", registry = "strafesnet" }
 serde = { version = "1.0.215", features = ["derive"] }
 serde_json = "1.0.133"
 siphasher = "1.0.1"
-tokio = { version = "1.41.1", features = ["macros", "rt-multi-thread", "signal"] }
+tokio = { version = "1.41.1", features = ["macros", "rt-multi-thread", "fs"] }
+tonic = "0.12.3"
--- a/validation/api/Cargo.toml
+++ b/validation/api/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
-name = "submissions-api"
-version = "0.6.1"
+name = "api"
+version = "0.1.0"
 edition = "2021"
 publish = ["strafesnet"]
 repository = "https://git.itzana.me/StrafesNET/maps-service"
@@ -14,10 +14,4 @@ authors = ["Rhys Lloyd <krakow20@gmail.com>"]
 reqwest = { version = "0", features = ["json"] }
 serde = { version = "1", features = ["derive"] }
 serde_json = "1"
-serde_repr = "0.1.19"
 url = "2"
-
-[features]
-default = ["external"]
-internal = []
-external = []
--- a/validation/api/src/context.rs
+++ b/validation/api/src/context.rs
@@ -1,47 +0,0 @@
-pub struct Cookie(reqwest::header::HeaderValue);
-
-impl Cookie{
-	/// cookie is prepended with "session_id=" by this function
-	pub fn new(cookie:&str)->Result<Self,reqwest::header::InvalidHeaderValue>{
-		Ok(Self(reqwest::header::HeaderValue::from_str(&format!("session_id={}",cookie))?))
-	}
-}
-
-#[derive(Clone)]
-pub struct Context{
-	pub base_url:String,
-	client:reqwest::Client,
-}
-
-impl Context{
-	pub fn new(base_url:String,cookie:Option<Cookie>)->reqwest::Result<Self>{
-		Ok(Self{
-			base_url,
-			client:{
-				let mut builder=reqwest::ClientBuilder::new();
-				if let Some(mut cookie)=cookie{
-					cookie.0.set_sensitive(true);
-					let mut headers=reqwest::header::HeaderMap::new();
-					headers.insert("Cookie",cookie.0);
-					builder=builder.default_headers(headers);
-				}
-				builder.build()?
-			},
-		})
-	}
-	pub async fn get(&self,url:impl reqwest::IntoUrl)->Result<reqwest::Response,reqwest::Error>{
-		self.client.get(url)
-		.send().await
-	}
-	#[cfg(feature="internal")]
-	pub async fn post_empty_body(&self,url:impl reqwest::IntoUrl)->Result<reqwest::Response,reqwest::Error>{
-		self.client.post(url)
-		.send().await
-	}
-	pub async fn post(&self,url:impl reqwest::IntoUrl,body:impl Into<reqwest::Body>)->Result<reqwest::Response,reqwest::Error>{
-		self.client.post(url)
-    	.header("Content-Type","application/json")
-    	.body(body)
-		.send().await
-	}
-}
--- a/validation/api/src/external.rs
+++ b/validation/api/src/external.rs
@@ -1,131 +0,0 @@
-use crate::types::*;
-
-#[derive(Clone)]
-pub struct Context(crate::context::Context);
-
-impl Context{
-	pub fn new(base_url:String,cookie:crate::context::Cookie)->reqwest::Result<Self>{
-		Ok(Self(crate::context::Context::new(base_url,Some(cookie))?))
-	}
-	pub async fn get_script(&self,config:GetScriptRequest)->Result<ScriptResponse,Error>{
-		let url_raw=format!("{}/scripts/{}",self.0.base_url,config.ScriptID.0);
-		let url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::Parse)?;
-
-		response_ok(
-			self.0.get(url).await.map_err(Error::Reqwest)?
-		).await.map_err(Error::Response)?
-		.json().await.map_err(Error::Reqwest)
-	}
-	pub async fn get_scripts<'a>(&self,config:GetScriptsRequest<'a>)->Result<Vec<ScriptResponse>,Error>{
-		let url_raw=format!("{}/scripts",self.0.base_url);
-		let mut url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::Parse)?;
-
-		{
-			let mut query_pairs=url.query_pairs_mut();
-			query_pairs.append_pair("Page",config.Page.to_string().as_str());
-			query_pairs.append_pair("Limit",config.Limit.to_string().as_str());
-			if let Some(name)=config.Name{
-				query_pairs.append_pair("Name",name);
-			}
-			if let Some(hash)=config.Hash{
-				query_pairs.append_pair("Hash",hash);
-			}
-			if let Some(source)=config.Source{
-				query_pairs.append_pair("Source",source);
-			}
-			if let Some(submission_id)=config.SubmissionID{
-				query_pairs.append_pair("SubmissionID",submission_id.to_string().as_str());
-			}
-		}
-
-		response_ok(
-			self.0.get(url).await.map_err(Error::Reqwest)?
-		).await.map_err(Error::Response)?
-		.json().await.map_err(Error::Reqwest)
-	}
-	pub async fn get_script_from_hash<'a>(&self,config:HashRequest<'a>)->Result<Option<ScriptResponse>,SingleItemError>{
-		let scripts=self.get_scripts(GetScriptsRequest{
-			Page:1,
-			Limit:2,
-			Hash:Some(config.hash),
-			Name:None,
-			Source:None,
-			SubmissionID:None,
-		}).await.map_err(SingleItemError::Other)?;
-		if 1<scripts.len(){
-			return Err(SingleItemError::DuplicateItems);
-		}
-		Ok(scripts.into_iter().next())
-	}
-	pub async fn create_script<'a>(&self,config:CreateScriptRequest<'a>)->Result<ScriptIDResponse,Error>{
-		let url_raw=format!("{}/scripts",self.0.base_url);
-		let url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::Parse)?;
-
-		let body=serde_json::to_string(&config).map_err(Error::JSON)?;
-
-		response_ok(
-			self.0.post(url,body).await.map_err(Error::Reqwest)?
-		).await.map_err(Error::Response)?
-		.json().await.map_err(Error::Reqwest)
-	}
-	pub async fn get_script_policies<'a>(&self,config:GetScriptPoliciesRequest<'a>)->Result<Vec<ScriptPolicyResponse>,Error>{
-		let url_raw=format!("{}/script-policy",self.0.base_url);
-		let mut url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::Parse)?;
-
-		{
-			let mut query_pairs=url.query_pairs_mut();
-			query_pairs.append_pair("Page",config.Page.to_string().as_str());
-			query_pairs.append_pair("Limit",config.Limit.to_string().as_str());
-			if let Some(hash)=config.FromScriptHash{
-				query_pairs.append_pair("FromScriptHash",hash);
-			}
-			if let Some(script_id)=config.ToScriptID{
-				query_pairs.append_pair("ToScriptID",script_id.0.to_string().as_str());
-			}
-			if let Some(policy)=config.Policy{
-				query_pairs.append_pair("Policy",(policy as i32).to_string().as_str());
-			}
-		}
-
-		response_ok(
-			self.0.get(url).await.map_err(Error::Reqwest)?
-		).await.map_err(Error::Response)?
-		.json().await.map_err(Error::Reqwest)
-	}
-	pub async fn get_script_policy_from_hash<'a>(&self,config:HashRequest<'a>)->Result<Option<ScriptPolicyResponse>,SingleItemError>{
-		let policies=self.get_script_policies(GetScriptPoliciesRequest{
-			Page:1,
-			Limit:2,
-			FromScriptHash:Some(config.hash),
-			ToScriptID:None,
-			Policy:None,
-		}).await.map_err(SingleItemError::Other)?;
-		if 1<policies.len(){
-			return Err(SingleItemError::DuplicateItems);
-		}
-		Ok(policies.into_iter().next())
-	}
-	pub async fn create_script_policy(&self,config:CreateScriptPolicyRequest)->Result<ScriptPolicyIDResponse,Error>{
-		let url_raw=format!("{}/script-policy",self.0.base_url);
-		let url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::Parse)?;
-
-		let body=serde_json::to_string(&config).map_err(Error::JSON)?;
-
-		response_ok(
-			self.0.post(url,body).await.map_err(Error::Reqwest)?
-		).await.map_err(Error::Response)?
-		.json().await.map_err(Error::Reqwest)
-	}
-	pub async fn update_script_policy(&self,config:UpdateScriptPolicyRequest)->Result<(),Error>{
-		let url_raw=format!("{}/script-policy/{}",self.0.base_url,config.ID.0);
-		let url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::Parse)?;
-
-		let body=serde_json::to_string(&config).map_err(Error::JSON)?;
-
-		response_ok(
-			self.0.post(url,body).await.map_err(Error::Reqwest)?
-		).await.map_err(Error::Response)?;
-
-		Ok(())
-	}
-}
--- a/validation/api/src/internal.rs
+++ b/validation/api/src/internal.rs
@@ -1,180 +0,0 @@
-use crate::types::*;
-
-#[derive(Clone)]
-pub struct Context(crate::context::Context);
-
-// there are lots of action endpoints and they all follow the same pattern
-macro_rules! action{
-	($fname:ident,$action:expr)=>{
-		pub async fn $fname(&self,config:SubmissionID)->Result<(),Error>{
-			let url_raw=format!(concat!("{}/submissions/{}/status/",$action),self.0.base_url,config.0);
-			let url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::Parse)?;
-
-			response_ok(
-				self.0.post_empty_body(url).await.map_err(Error::Reqwest)?
-			).await.map_err(Error::Response)?;
-
-			Ok(())
-		}
-	};
-}
-impl Context{
-	pub fn new(base_url:String)->reqwest::Result<Self>{
-		Ok(Self(crate::context::Context::new(base_url,None)?))
-	}
-	pub async fn get_script(&self,config:GetScriptRequest)->Result<ScriptResponse,Error>{
-		let url_raw=format!("{}/scripts/{}",self.0.base_url,config.ScriptID.0);
-		let url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::Parse)?;
-
-		response_ok(
-			self.0.get(url).await.map_err(Error::Reqwest)?
-		).await.map_err(Error::Response)?
-		.json().await.map_err(Error::Reqwest)
-	}
-	pub async fn get_scripts<'a>(&self,config:GetScriptsRequest<'a>)->Result<Vec<ScriptResponse>,Error>{
-		let url_raw=format!("{}/scripts",self.0.base_url);
-		let mut url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::Parse)?;
-
-		{
-			let mut query_pairs=url.query_pairs_mut();
-			query_pairs.append_pair("Page",config.Page.to_string().as_str());
-			query_pairs.append_pair("Limit",config.Limit.to_string().as_str());
-			if let Some(name)=config.Name{
-				query_pairs.append_pair("Name",name);
-			}
-			if let Some(hash)=config.Hash{
-				query_pairs.append_pair("Hash",hash);
-			}
-			if let Some(source)=config.Source{
-				query_pairs.append_pair("Source",source);
-			}
-			if let Some(submission_id)=config.SubmissionID{
-				query_pairs.append_pair("SubmissionID",submission_id.to_string().as_str());
-			}
-		}
-
-		response_ok(
-			self.0.get(url).await.map_err(Error::Reqwest)?
-		).await.map_err(Error::Response)?
-		.json().await.map_err(Error::Reqwest)
-	}
-	pub async fn get_script_from_hash<'a>(&self,config:HashRequest<'a>)->Result<Option<ScriptResponse>,SingleItemError>{
-		let scripts=self.get_scripts(GetScriptsRequest{
-			Page:1,
-			Limit:2,
-			Hash:Some(config.hash),
-			Name:None,
-			Source:None,
-			SubmissionID:None,
-		}).await.map_err(SingleItemError::Other)?;
-		if 1<scripts.len(){
-			return Err(SingleItemError::DuplicateItems);
-		}
-		Ok(scripts.into_iter().next())
-	}
-	pub async fn create_script<'a>(&self,config:CreateScriptRequest<'a>)->Result<ScriptIDResponse,Error>{
-		let url_raw=format!("{}/scripts",self.0.base_url);
-		let url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::Parse)?;
-
-		let body=serde_json::to_string(&config).map_err(Error::JSON)?;
-
-		response_ok(
-			self.0.post(url,body).await.map_err(Error::Reqwest)?
-		).await.map_err(Error::Response)?
-		.json().await.map_err(Error::Reqwest)
-	}
-	pub async fn get_script_policies<'a>(&self,config:GetScriptPoliciesRequest<'a>)->Result<Vec<ScriptPolicyResponse>,Error>{
-		let url_raw=format!("{}/script-policy",self.0.base_url);
-		let mut url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::Parse)?;
-
-		{
-			let mut query_pairs=url.query_pairs_mut();
-			query_pairs.append_pair("Page",config.Page.to_string().as_str());
-			query_pairs.append_pair("Limit",config.Limit.to_string().as_str());
-			if let Some(hash)=config.FromScriptHash{
-				query_pairs.append_pair("FromScriptHash",hash);
-			}
-			if let Some(script_id)=config.ToScriptID{
-				query_pairs.append_pair("ToScriptID",script_id.0.to_string().as_str());
-			}
-			if let Some(policy)=config.Policy{
-				query_pairs.append_pair("Policy",(policy as i32).to_string().as_str());
-			}
-		}
-
-		response_ok(
-			self.0.get(url).await.map_err(Error::Reqwest)?
-		).await.map_err(Error::Response)?
-		.json().await.map_err(Error::Reqwest)
-	}
-	pub async fn get_script_policy_from_hash<'a>(&self,config:HashRequest<'a>)->Result<Option<ScriptPolicyResponse>,SingleItemError>{
-		let policies=self.get_script_policies(GetScriptPoliciesRequest{
-			Page:1,
-			Limit:2,
-			FromScriptHash:Some(config.hash),
-			ToScriptID:None,
-			Policy:None,
-		}).await.map_err(SingleItemError::Other)?;
-		if 1<policies.len(){
-			return Err(SingleItemError::DuplicateItems);
-		}
-		Ok(policies.into_iter().next())
-	}
-	pub async fn create_script_policy(&self,config:CreateScriptPolicyRequest)->Result<ScriptPolicyIDResponse,Error>{
-		let url_raw=format!("{}/script-policy",self.0.base_url);
-		let url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::Parse)?;
-
-		let body=serde_json::to_string(&config).map_err(Error::JSON)?;
-
-		response_ok(
-			self.0.post(url,body).await.map_err(Error::Reqwest)?
-		).await.map_err(Error::Response)?
-		.json().await.map_err(Error::Reqwest)
-	}
-	pub async fn update_submission_validated_model(&self,config:UpdateSubmissionModelRequest)->Result<(),Error>{
-		let url_raw=format!("{}/submissions/{}/validated-model",self.0.base_url,config.SubmissionID);
-		let mut url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::Parse)?;
-
-		{
-			url.query_pairs_mut()
-				.append_pair("ValidatedModelID",config.ModelID.to_string().as_str())
-				.append_pair("ValidatedModelVersion",config.ModelVersion.to_string().as_str());
-		}
-
-		response_ok(
-			self.0.post_empty_body(url).await.map_err(Error::Reqwest)?
-		).await.map_err(Error::Response)?;
-
-		Ok(())
-	}
-	pub async fn action_submission_uploaded(&self,config:ActionSubmissionUploadedRequest)->Result<(),Error>{
-		let url_raw=format!("{}/submissions/{}/status/validator-uploaded",self.0.base_url,config.SubmissionID);
-		let mut url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::Parse)?;
-
-		{
-			url.query_pairs_mut()
-				.append_pair("UploadedAssetID",config.UploadedAssetID.to_string().as_str());
-		}
-		response_ok(
-			self.0.post_empty_body(url).await.map_err(Error::Reqwest)?
-		).await.map_err(Error::Response)?;
-
-		Ok(())
-	}
-	pub async fn action_submission_accepted(&self,config:ActionSubmissionAcceptedRequest)->Result<(),Error>{
-		let url_raw=format!("{}/submissions/{}/status/validator-failed",self.0.base_url,config.SubmissionID);
-		let mut url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::Parse)?;
-
-		{
-			url.query_pairs_mut()
-				.append_pair("StatusMessage",config.StatusMessage.as_str());
-		}
-
-		response_ok(
-			self.0.post_empty_body(url).await.map_err(Error::Reqwest)?
-		).await.map_err(Error::Response)?;
-
-		Ok(())
-	}
-	action!(action_submission_validated,"validator-validated");
-}
--- a/validation/api/src/lib.rs
+++ b/validation/api/src/lib.rs
@@ -1,15 +1,130 @@
-mod context;
-pub use context::Cookie;
+#[derive(Debug)]
+pub enum Error{
+	ParseError(url::ParseError),
+	Reqwest(reqwest::Error),
+}
+impl std::fmt::Display for Error{
+	fn fmt(&self,f:&mut std::fmt::Formatter<'_>)->std::fmt::Result{
+		write!(f,"{self:?}")
+	}
+}
+impl std::error::Error for Error{}

-pub mod types;
+#[derive(serde::Deserialize)]
+pub struct ScriptID(i64);

-#[cfg(feature="internal")]
-pub mod internal;
+#[allow(nonstandard_style)]
+pub struct GetScriptRequest{
+	pub ScriptID:ScriptID,
+}
+#[allow(nonstandard_style)]
+#[derive(serde::Deserialize)]
+pub struct ScriptResponse{
+	pub ID:i64,
+	pub Hash:String,
+	pub Source:String,
+	pub SubmissionID:i64,
+}

-#[cfg(feature="external")]
-pub mod external;
+#[derive(serde::Deserialize)]
+#[repr(i32)]
+pub enum Policy{
+	Allowed=0,
+	Blocked=1,
+	Delete=2,
+	Replace=3,
+}
+
+pub struct ScriptPolicyHashRequest{
+	pub hash:String,
+}
+#[allow(nonstandard_style)]
+#[derive(serde::Deserialize)]
+pub struct ScriptPolicyResponse{
+	pub ID:i64,
+	pub FromScriptHash:String,
+	pub ToScriptID:ScriptID,
+	pub Policy:Policy
+}
+
+#[allow(nonstandard_style)]
+pub struct UpdateSubmissionModelRequest{
+	pub ID:i64,
+	pub ModelID:u64,
+	pub ModelVersion:u64,
+}
+
+pub struct SubmissionID(pub i64);
+
+#[derive(Clone)]
+pub struct Context{
+	base_url:String,
+	client:reqwest::Client,
+}

-//lazy reexports
-pub use types::Error;
 pub type ReqwestError=reqwest::Error;
-pub type CookieError=reqwest::header::InvalidHeaderValue;
+
+// there are lots of action endpoints and they all follow the same pattern
+macro_rules! action{
+	($fname:ident,$action:expr)=>{
+		pub async fn $fname(&self,config:SubmissionID)->Result<(),Error>{
+			let url_raw=format!(concat!("{}/submissions/{}/status/",$action),self.base_url,config.0);
+			let url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::ParseError)?;
+
+			self.post(url).await.map_err(Error::Reqwest)?
+			.error_for_status().map_err(Error::Reqwest)?;
+
+			Ok(())
+		}
+	};
+}
+impl Context{
+	pub fn new(mut base_url:String)->reqwest::Result<Self>{
+		base_url+="/v1";
+		Ok(Self{
+			base_url,
+			client:reqwest::Client::new(),
+		})
+	}
+	async fn get(&self,url:impl reqwest::IntoUrl)->Result<reqwest::Response,reqwest::Error>{
+		self.client.get(url)
+		.send().await
+	}
+	async fn post(&self,url:impl reqwest::IntoUrl)->Result<reqwest::Response,reqwest::Error>{
+		self.client.post(url)
+		.send().await
+	}
+	pub async fn get_script(&self,config:GetScriptRequest)->Result<ScriptResponse,Error>{
+		let url_raw=format!("{}/scripts/{}",self.base_url,config.ScriptID.0);
+		let url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::ParseError)?;
+
+		self.get(url).await.map_err(Error::Reqwest)?
+		.error_for_status().map_err(Error::Reqwest)?
+		.json().await.map_err(Error::Reqwest)
+	}
+	pub async fn get_script_policy_from_hash(&self,config:ScriptPolicyHashRequest)->Result<ScriptPolicyResponse,Error>{
+		let url_raw=format!("{}/script-policy/hash/{}",self.base_url,config.hash);
+		let url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::ParseError)?;
+
+		self.get(url).await.map_err(Error::Reqwest)?
+		.error_for_status().map_err(Error::Reqwest)?
+		.json().await.map_err(Error::Reqwest)
+	}
+	pub async fn update_submission_model(&self,config:UpdateSubmissionModelRequest)->Result<(),Error>{
+		let url_raw=format!("{}/submissions/{}/model",self.base_url,config.ID);
+		let mut url=reqwest::Url::parse(url_raw.as_str()).map_err(Error::ParseError)?;
+
+		{
+			url.query_pairs_mut()
+				.append_pair("ModelID",config.ModelID.to_string().as_str())
+				.append_pair("ModelVersion",config.ModelVersion.to_string().as_str());
+		}
+
+		self.post(url).await.map_err(Error::Reqwest)?
+		.error_for_status().map_err(Error::Reqwest)?;
+
+		Ok(())
+	}
+	action!(action_submission_validate,"validator-validated");
+	action!(action_submission_publish,"validator-published");
+}
--- a/validation/api/src/types.rs
+++ b/validation/api/src/types.rs
@@ -1,222 +0,0 @@
-#[derive(Debug)]
-pub enum Error{
-	Parse(url::ParseError),
-	Reqwest(reqwest::Error),
-	Response(ResponseError),
-	JSON(serde_json::Error),
-}
-impl std::fmt::Display for Error{
-	fn fmt(&self,f:&mut std::fmt::Formatter<'_>)->std::fmt::Result{
-		write!(f,"{self:?}")
-	}
-}
-impl std::error::Error for Error{}
-
-#[derive(Debug)]
-pub enum SingleItemError{
-	DuplicateItems,
-	Other(Error),
-}
-impl std::fmt::Display for SingleItemError{
-	fn fmt(&self,f:&mut std::fmt::Formatter<'_>)->std::fmt::Result{
-		write!(f,"{self:?}")
-	}
-}
-impl std::error::Error for SingleItemError{}
-
-#[allow(dead_code)]
-#[derive(Debug)]
-pub struct StatusCodeWithUrlAndBody{
-	pub status_code:reqwest::StatusCode,
-	pub url:url::Url,
-	pub body:String,
-}
-
-#[derive(Debug)]
-pub enum ResponseError{
-	Reqwest(reqwest::Error),
-	StatusCodeWithUrlAndBody(StatusCodeWithUrlAndBody),
-}
-impl std::fmt::Display for ResponseError{
-	fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
-		write!(f,"{self:?}")
-	}
-}
-impl std::error::Error for ResponseError{}
-// lazy function to draw out meaningful info from http response on failure
-pub async fn response_ok(response:reqwest::Response)->Result<reqwest::Response,ResponseError>{
-	let status_code=response.status();
-	if status_code.is_success(){
-		Ok(response)
-	}else{
-		let url=response.url().to_owned();
-		let bytes=response.bytes().await.map_err(ResponseError::Reqwest)?;
-		let body=String::from_utf8_lossy(&bytes).to_string();
-		Err(ResponseError::StatusCodeWithUrlAndBody(StatusCodeWithUrlAndBody{
-			status_code,
-			url,
-			body,
-		}))
-	}
-}
-
-#[derive(Clone,Copy,Debug,PartialEq,Eq,serde::Serialize,serde::Deserialize)]
-pub struct ScriptID(pub(crate)i64);
-#[derive(Clone,Copy,Debug,serde::Serialize,serde::Deserialize)]
-pub struct ScriptPolicyID(pub(crate)i64);
-
-#[allow(nonstandard_style)]
-pub struct GetScriptRequest{
-	pub ScriptID:ScriptID,
-}
-#[allow(nonstandard_style)]
-#[derive(Clone,Debug,serde::Serialize)]
-pub struct GetScriptsRequest<'a>{
-	pub Page:u32,
-	pub Limit:u32,
-	#[serde(skip_serializing_if="Option::is_none")]
-	pub Name:Option<&'a str>,
-	#[serde(skip_serializing_if="Option::is_none")]
-	pub Hash:Option<&'a str>,
-	#[serde(skip_serializing_if="Option::is_none")]
-	pub Source:Option<&'a str>,
-	#[serde(skip_serializing_if="Option::is_none")]
-	pub SubmissionID:Option<i64>,
-}
-#[derive(Clone,Copy,Debug)]
-pub struct HashRequest<'a>{
-	pub hash:&'a str,
-}
-#[allow(nonstandard_style)]
-#[derive(Clone,Debug,serde::Deserialize)]
-pub struct ScriptResponse{
-	pub ID:ScriptID,
-	pub Name:String,
-	pub Hash:String,
-	pub Source:String,
-	pub SubmissionID:i64,
-}
-#[derive(Clone,Debug,serde::Serialize)]
-pub enum ResourceType{
-	Unknown=0,
-	Mapfix=1,
-	Submission=2,
-}
-#[allow(nonstandard_style)]
-#[derive(Clone,Debug,serde::Serialize)]
-pub struct CreateScriptRequest<'a>{
-	pub Name:&'a str,
-	pub Source:&'a str,
-	pub ResourceType:ResourceType,
-	#[serde(skip_serializing_if="Option::is_none")]
-	pub ResourceID:Option<i64>,
-}
-#[allow(nonstandard_style)]
-#[derive(Clone,Debug,serde::Deserialize)]
-pub struct ScriptIDResponse{
-	pub ID:ScriptID,
-}
-
-#[derive(Clone,Copy,Debug,PartialEq,Eq,serde_repr::Serialize_repr,serde_repr::Deserialize_repr)]
-#[repr(i32)]
-pub enum Policy{
-	None=0, // not yet reviewed
-	Allowed=1,
-	Blocked=2,
-	Delete=3,
-	Replace=4,
-}
-
-#[allow(nonstandard_style)]
-#[derive(Clone,Debug,serde::Serialize)]
-pub struct GetScriptPoliciesRequest<'a>{
-	pub Page:u32,
-	pub Limit:u32,
-	#[serde(skip_serializing_if="Option::is_none")]
-	pub FromScriptHash:Option<&'a str>,
-	#[serde(skip_serializing_if="Option::is_none")]
-	pub ToScriptID:Option<ScriptID>,
-	#[serde(skip_serializing_if="Option::is_none")]
-	pub Policy:Option<Policy>,
-}
-#[allow(nonstandard_style)]
-#[derive(Clone,Debug,serde::Deserialize)]
-pub struct ScriptPolicyResponse{
-	pub ID:ScriptPolicyID,
-	pub FromScriptHash:String,
-	pub ToScriptID:ScriptID,
-	pub Policy:Policy
-}
-#[allow(nonstandard_style)]
-#[derive(Clone,Debug,serde::Serialize)]
-pub struct CreateScriptPolicyRequest{
-	pub FromScriptID:ScriptID,
-	pub ToScriptID:ScriptID,
-	pub Policy:Policy,
-}
-#[allow(nonstandard_style)]
-#[derive(Clone,Debug,serde::Deserialize)]
-pub struct ScriptPolicyIDResponse{
-	pub ID:ScriptPolicyID,
-}
-
-#[allow(nonstandard_style)]
-#[derive(Clone,Debug,serde::Serialize)]
-pub struct UpdateScriptPolicyRequest{
-	pub ID:ScriptPolicyID,
-	#[serde(skip_serializing_if="Option::is_none")]
-	pub FromScriptID:Option<ScriptID>,
-	#[serde(skip_serializing_if="Option::is_none")]
-	pub ToScriptID:Option<ScriptID>,
-	#[serde(skip_serializing_if="Option::is_none")]
-	pub Policy:Option<Policy>,
-}
-
-#[allow(nonstandard_style)]
-#[derive(Clone,Debug)]
-pub struct UpdateSubmissionModelRequest{
-	pub SubmissionID:i64,
-	pub ModelID:u64,
-	pub ModelVersion:u64,
-}
-
-#[allow(nonstandard_style)]
-#[derive(Clone,Debug)]
-pub struct ActionSubmissionUploadedRequest{
-	pub SubmissionID:i64,
-	pub UploadedAssetID:u64,
-}
-
-#[allow(nonstandard_style)]
-#[derive(Clone,Debug)]
-pub struct ActionSubmissionAcceptedRequest{
-	pub SubmissionID:i64,
-	pub StatusMessage:String,
-}
-
-#[derive(Clone,Copy,Debug)]
-pub struct SubmissionID(pub i64);
-
-#[allow(nonstandard_style)]
-#[derive(Clone,Debug)]
-pub struct UpdateMapfixModelRequest{
-	pub MapfixID:i64,
-	pub ModelID:u64,
-	pub ModelVersion:u64,
-}
-
-#[allow(nonstandard_style)]
-#[derive(Clone,Debug)]
-pub struct ActionMapfixUploadedRequest{
-	pub MapfixID:i64,
-}
-
-#[allow(nonstandard_style)]
-#[derive(Clone,Debug)]
-pub struct ActionMapfixAcceptedRequest{
-	pub MapfixID:i64,
-	pub StatusMessage:String,
-}
-
-#[derive(Clone,Copy,Debug)]
-pub struct MapfixID(pub i64);
--- a/validation/src/main.rs
+++ b/validation/src/main.rs
@@ -1,23 +1,17 @@
-use futures::StreamExt;
-
-mod message_handler;
-mod nats_types;
 mod types;
-mod uploader;
-mod upload_mapfix;
-mod upload_submission;
+mod nats_types;
 mod validator;
-mod validate_mapfix;
-mod validate_submission;
+mod publish_new;
+mod publish_fix;

 #[allow(dead_code)]
 #[derive(Debug)]
 pub enum StartupError{
-	API(submissions_api::ReqwestError),
+	API(api::ReqwestError),
 	NatsConnect(async_nats::ConnectError),
 	NatsGetStream(async_nats::jetstream::context::GetStreamError),
-	NatsConsumer(async_nats::jetstream::stream::ConsumerError),
-	NatsStream(async_nats::jetstream::consumer::StreamError),
+	NatsStartup(types::NatsStartupError),
+	GRPCConnect(tonic::transport::Error),
 }
 impl std::fmt::Display for StartupError{
 	fn fmt(&self,f:&mut std::fmt::Formatter<'_>)->std::fmt::Result{
@@ -26,74 +20,43 @@ impl std::fmt::Display for StartupError{
 }
 impl std::error::Error for StartupError{}

-pub const PARALLEL_REQUESTS:usize=16;
+pub const GROUP_STRAFESNET:u64=6980477;

 #[tokio::main]
 async fn main()->Result<(),StartupError>{
-	let group_id:Option<u64>=match std::env::var("ROBLOX_GROUP_ID"){
-		Ok(s)=>match s.as_str(){
-			"None"=>None,
-			_=>Some(s.parse().expect("ROBLOX_GROUP_ID int parse")),
-		},
-		Err(e)=>Err(e).expect("ROBLOX_GROUP_ID env required"),
-	};
-
 	// talk to roblox through STRAFESNET_CI2 account
 	let cookie=std::env::var("RBXCOOKIE").expect("RBXCOOKIE env required");
 	let cookie_context=rbx_asset::cookie::CookieContext::new(rbx_asset::cookie::Cookie::new(cookie));

 	// maps-service api
-	let api_host_internal=std::env::var("API_HOST_INTERNAL").expect("API_HOST_INTERNAL env required");
-	let api=submissions_api::internal::Context::new(api_host_internal).map_err(StartupError::API)?;
+	let api_host=std::env::var("API_HOST").expect("API_HOST env required");
+	let api=api::Context::new(api_host).map_err(StartupError::API)?;

 	// nats
 	let nats_host=std::env::var("NATS_HOST").expect("NATS_HOST env required");
-	let nats_fut=async{
-		let nasty=async_nats::connect(nats_host).await.map_err(StartupError::NatsConnect)?;
-		// use nats jetstream
-		async_nats::jetstream::new(nasty)
-			.get_stream("maptest").await.map_err(StartupError::NatsGetStream)?
-			.get_or_create_consumer("validation",async_nats::jetstream::consumer::pull::Config{
-				name:Some("validation".to_owned()),
-				durable_name:Some("validation".to_owned()),
-				filter_subject:"maptest.>".to_owned(),
-				..Default::default()
-			}).await.map_err(StartupError::NatsConsumer)?
-			.messages().await.map_err(StartupError::NatsStream)
-	};
+	let nasty=async_nats::connect(nats_host).await.map_err(StartupError::NatsConnect)?;	// use nats jetstream
+	let stream=async_nats::jetstream::new(nasty)
+		.get_stream("maptest").await.map_err(StartupError::NatsGetStream)?;

-	let message_handler=message_handler::MessageHandler::new(cookie_context,group_id,api);
+	// data-service grpc for creating map entries
+	let data_host=std::env::var("DATA_HOST").expect("DATA_HOST env required");
+	let maps_grpc=crate::types::MapsServiceClient::connect(data_host).await.map_err(StartupError::GRPCConnect)?;

-	// Create a signal listener for SIGTERM
-	let mut sig_term=tokio::signal::unix::signal(tokio::signal::unix::SignalKind::terminate()).expect("Failed to create SIGTERM signal listener");
+	// connect to nats
+	let (publish_new,publish_fix,validator)=tokio::try_join!(
+		publish_new::Publisher::new(stream.clone(),cookie_context.clone(),api.clone(),maps_grpc),
+		publish_fix::Publisher::new(stream.clone(),cookie_context.clone(),api.clone()),
+		// clone nats here because it's dropped within the function scope,
+		// meanining the last reference is dropped...
+		validator::Validator::new(stream.clone(),cookie_context,api)
+	).map_err(StartupError::NatsStartup)?;

-	// run futures
-	let mut messages=nats_fut.await?;
+	// publisher threads
+	tokio::spawn(publish_new.run());
+	tokio::spawn(publish_fix.run());

-	// process up to PARALLEL_REQUESTS in parallel
-	let main_loop=async move{
-		static SEM:tokio::sync::Semaphore=tokio::sync::Semaphore::const_new(PARALLEL_REQUESTS);
-		// use memory leak to make static lifetime
-		let message_handler=Box::leak(Box::new(message_handler));
-		// acquire a permit before attempting to receive a message, exit if either fails
-		while let (Ok(permit),Some(message_result))=(SEM.acquire().await,messages.next().await){
-			// handle the message on a new thread (mainly to decode the model file)
-			tokio::spawn(async{
-				match message_handler.handle_message_result(message_result).await{
-					Ok(())=>println!("[Validation] Success, hooray!"),
-					Err(e)=>println!("[Validation] There was an error, oopsie! {e}"),
-				}
-				// explicitly call drop to make the move semantics and permit release more obvious
-				core::mem::drop(permit);
-			});
-		}
-	};
-
-	// race sigkill and main loop termination and then die
-	tokio::select!{
-		_=sig_term.recv()=>(),
-		_=main_loop=>(),
-	};
+	// run validator on the main thread indefinitely
+	validator.run().await;

 	Ok(())
 }
--- a/validation/src/message_handler.rs
+++ b/validation/src/message_handler.rs
@@ -1,57 +0,0 @@
-#[allow(dead_code)]
-#[derive(Debug)]
-pub enum HandleMessageError{
-	Messages(async_nats::jetstream::consumer::pull::MessagesError),
-	DoubleAck(async_nats::Error),
-	Json(serde_json::Error),
-	UnknownSubject(String),
-	UploadMapfix(crate::upload_mapfix::UploadError),
-	UploadSubmission(crate::upload_submission::UploadError),
-	ValidateMapfix(crate::validate_mapfix::ValidateMapfixError),
-	ValidateSubmission(crate::validate_submission::ValidateSubmissionError),
-}
-impl std::fmt::Display for HandleMessageError{
-	fn fmt(&self,f:&mut std::fmt::Formatter<'_>)->std::fmt::Result{
-		write!(f,"{self:?}")
-	}
-}
-impl std::error::Error for HandleMessageError{}
-
-pub type MessageResult=Result<async_nats::jetstream::Message,async_nats::jetstream::consumer::pull::MessagesError>;
-
-fn from_slice<'a,T:serde::de::Deserialize<'a>>(slice:&'a [u8])->Result<T,HandleMessageError>{
-	serde_json::from_slice(slice).map_err(HandleMessageError::Json)
-}
-
-pub struct MessageHandler{
-	upload_mapfix:crate::upload_mapfix::Uploader,
-	upload_submission:crate::upload_submission::Uploader,
-	validate_mapfix:crate::validate_mapfix::Validator,
-	validate_submission:crate::validate_submission::Validator,
-}
-
-impl MessageHandler{
-	pub fn new(
-		cookie_context:rbx_asset::cookie::CookieContext,
-		group_id:Option<u64>,
-		api:submissions_api::internal::Context,
-	)->Self{
-		Self{
-			upload_mapfix:crate::upload_mapfix::Uploader::new(crate::uploader::Uploader::new(cookie_context.clone(),group_id,api.clone())),
-			upload_submission:crate::upload_submission::Uploader::new(crate::uploader::Uploader::new(cookie_context.clone(),group_id,api.clone())),
-			validate_mapfix:crate::validate_mapfix::Validator::new(crate::validator::Validator::new(cookie_context.clone(),api.clone())),
-			validate_submission:crate::validate_submission::Validator::new(crate::validator::Validator::new(cookie_context,api)),
-		}
-	}
-	pub async fn handle_message_result(&self,message_result:MessageResult)->Result<(),HandleMessageError>{
-		let message=message_result.map_err(HandleMessageError::Messages)?;
-		message.double_ack().await.map_err(HandleMessageError::DoubleAck)?;
-		match message.subject.as_str(){
-			"maptest.mapfixes.upload"=>self.upload_mapfix.upload(from_slice(&message.payload)?).await.map_err(HandleMessageError::UploadMapfix),
-			"maptest.submissions.upload"=>self.upload_submission.upload(from_slice(&message.payload)?).await.map_err(HandleMessageError::UploadSubmission),
-			"maptest.mapfixes.validate"=>self.validate_mapfix.validate(from_slice(&message.payload)?).await.map_err(HandleMessageError::ValidateMapfix),
-			"maptest.submissions.validate"=>self.validate_submission.validate(from_slice(&message.payload)?).await.map_err(HandleMessageError::ValidateSubmission),
-			other=>Err(HandleMessageError::UnknownSubject(other.to_owned()))
-		}
-	}
-}
--- a/validation/src/nats_types.rs
+++ b/validation/src/nats_types.rs
@@ -6,7 +6,7 @@

 #[allow(nonstandard_style)]
 #[derive(serde::Deserialize)]
-pub struct ValidateSubmissionRequest{
+pub struct ValidateRequest{
 	// submission_id is passed back in the response message
 	pub SubmissionID:i64,
 	pub ModelID:u64,
@@ -14,30 +14,23 @@ pub struct ValidateSubmissionRequest{
 	pub ValidatedModelID:Option<u64>,
 }

-#[allow(nonstandard_style)]
-#[derive(serde::Deserialize)]
-pub struct ValidateMapfixRequest{
-	// submission_id is passed back in the response message
-	pub MapfixID:i64,
-	pub ModelID:u64,
-	pub ModelVersion:u64,
-	pub ValidatedModelID:Option<u64>,
-}
-
 // Create a new map
 #[allow(nonstandard_style)]
 #[derive(serde::Deserialize)]
-pub struct UploadSubmissionRequest{
+pub struct PublishNewRequest{
 	pub SubmissionID:i64,
 	pub ModelID:u64,
 	pub ModelVersion:u64,
-	pub ModelName:String,
+	pub Creator:String,
+	pub DisplayName:String,
+	pub GameID:u32,
+	//games:HashSet<GameID>,
 }

 #[allow(nonstandard_style)]
 #[derive(serde::Deserialize)]
-pub struct UploadMapfixRequest{
-	pub MapfixID:i64,
+pub struct PublishFixRequest{
+	pub SubmissionID:i64,
 	pub ModelID:u64,
 	pub ModelVersion:u64,
 	pub TargetAssetID:u64,
--- a/validation/src/publish_fix.rs
+++ b/validation/src/publish_fix.rs
@@ -0,0 +1,88 @@
+use futures::StreamExt;
+use crate::types::{MessageResult,NatsStartupError};
+use crate::nats_types::PublishFixRequest;
+
+#[allow(dead_code)]
+#[derive(Debug)]
+enum PublishError{
+	Messages(async_nats::jetstream::consumer::pull::MessagesError),
+	DoubleAck(async_nats::Error),
+	Get(rbx_asset::cookie::GetError),
+	Json(serde_json::Error),
+	Upload(rbx_asset::cookie::UploadError),
+	ApiActionSubmissionPublish(api::Error),
+}
+impl std::fmt::Display for PublishError{
+	fn fmt(&self,f:&mut std::fmt::Formatter<'_>)->std::fmt::Result{
+		write!(f,"{self:?}")
+	}
+}
+impl std::error::Error for PublishError{}
+
+pub struct Publisher{
+	messages:async_nats::jetstream::consumer::pull::Stream,
+	roblox_cookie:rbx_asset::cookie::CookieContext,
+	api:api::Context,
+}
+impl Publisher{
+	pub async fn new(
+		stream:async_nats::jetstream::stream::Stream,
+		roblox_cookie:rbx_asset::cookie::CookieContext,
+		api:api::Context,
+	)->Result<Self,NatsStartupError>{
+		Ok(Self{
+			messages:stream.get_or_create_consumer("publish_fix",async_nats::jetstream::consumer::pull::Config{
+				name:Some("publish_fix".to_owned()),
+				durable_name:Some("publish_fix".to_owned()),
+				filter_subject:"maptest.submissions.publish.fix".to_owned(),
+				..Default::default()
+			}).await.map_err(NatsStartupError::Consumer)?
+			.messages().await.map_err(NatsStartupError::Stream)?,
+			roblox_cookie,
+			api,
+		})
+	}
+	pub async fn run(mut self){
+		while let Some(message_result)=self.messages.next().await{
+			self.publish_supress_error(message_result).await
+		}
+	}
+	async fn publish_supress_error(&self,message_result:MessageResult){
+		match self.publish(message_result).await{
+			Ok(())=>println!("[PublishFix] Published, hooray!"),
+			Err(e)=>println!("[PublishFix] There was an error, oopsie! {e}"),
+		}
+	}
+	async fn publish(&self,message_result:MessageResult)->Result<(),PublishError>{
+		println!("publish_fix {:?}",message_result);
+		let message=message_result.map_err(PublishError::Messages)?;
+		message.double_ack().await.map_err(PublishError::DoubleAck)?;
+		// decode json
+		let publish_info:PublishFixRequest=serde_json::from_slice(&message.payload).map_err(PublishError::Json)?;
+
+		// download the map model version
+		let model_data=self.roblox_cookie.get_asset(rbx_asset::cookie::GetAssetRequest{
+			asset_id:publish_info.ModelID,
+			version:Some(publish_info.ModelVersion),
+		}).await.map_err(PublishError::Get)?;
+
+		// upload the map to the strafesnet group
+		let _upload_response=self.roblox_cookie.upload(rbx_asset::cookie::UploadRequest{
+			assetid:publish_info.TargetAssetID,
+			groupId:Some(crate::GROUP_STRAFESNET),
+			name:None,
+			description:None,
+			ispublic:None,
+			allowComments:None,
+		},model_data).await.map_err(PublishError::Upload)?;
+
+		// that's it, the database entry does not need to be changed.
+
+		// mark submission as published
+		self.api.action_submission_publish(
+			api::SubmissionID(publish_info.SubmissionID)
+		).await.map_err(PublishError::ApiActionSubmissionPublish)?;
+
+		Ok(())
+	}
+}
--- a/validation/src/publish_new.rs
+++ b/validation/src/publish_new.rs
@@ -0,0 +1,109 @@
+use futures::StreamExt;
+use crate::types::{MessageResult,NatsStartupError};
+use crate::nats_types::PublishNewRequest;
+
+#[allow(dead_code)]
+#[derive(Debug)]
+enum PublishError{
+	Messages(async_nats::jetstream::consumer::pull::MessagesError),
+	DoubleAck(async_nats::Error),
+	Get(rbx_asset::cookie::GetError),
+	Json(serde_json::Error),
+	Create(rbx_asset::cookie::CreateError),
+	SystemTime(std::time::SystemTimeError),
+	MapCreate(tonic::Status),
+	ApiActionSubmissionPublish(api::Error),
+}
+impl std::fmt::Display for PublishError{
+	fn fmt(&self,f:&mut std::fmt::Formatter<'_>)->std::fmt::Result{
+		write!(f,"{self:?}")
+	}
+}
+impl std::error::Error for PublishError{}
+
+pub struct Publisher{
+	messages:async_nats::jetstream::consumer::pull::Stream,
+	roblox_cookie:rbx_asset::cookie::CookieContext,
+	api:api::Context,
+	maps_grpc:crate::types::MapsServiceClient,
+}
+impl Publisher{
+	pub async fn new(
+		stream:async_nats::jetstream::stream::Stream,
+		roblox_cookie:rbx_asset::cookie::CookieContext,
+		api:api::Context,
+		maps_grpc:crate::types::MapsServiceClient,
+	)->Result<Self,NatsStartupError>{
+		Ok(Self{
+			messages:stream.get_or_create_consumer("publish_new",async_nats::jetstream::consumer::pull::Config{
+				name:Some("publish_new".to_owned()),
+				durable_name:Some("publish_new".to_owned()),
+				filter_subject:"maptest.submissions.publish.new".to_owned(),
+				..Default::default()
+			}).await.map_err(NatsStartupError::Consumer)?
+			.messages().await.map_err(NatsStartupError::Stream)?,
+			roblox_cookie,
+			api,
+			maps_grpc,
+		})
+	}
+	pub async fn run(mut self){
+		while let Some(message_result)=self.messages.next().await{
+			self.publish_supress_error(message_result).await
+		}
+	}
+	async fn publish_supress_error(&self,message_result:MessageResult){
+		match self.publish(message_result).await{
+			Ok(())=>println!("[PublishNew] Published, hooray!"),
+			Err(e)=>println!("[PublishNew] There was an error, oopsie! {e}"),
+		}
+	}
+	async fn publish(&self,message_result:MessageResult)->Result<(),PublishError>{
+		println!("publish_new {:?}",message_result);
+		let message=message_result.map_err(PublishError::Messages)?;
+		message.double_ack().await.map_err(PublishError::DoubleAck)?;
+		// decode json
+		let publish_info:PublishNewRequest=serde_json::from_slice(&message.payload).map_err(PublishError::Json)?;
+
+		// download the map model version
+		let model_data=self.roblox_cookie.get_asset(rbx_asset::cookie::GetAssetRequest{
+			asset_id:publish_info.ModelID,
+			version:Some(publish_info.ModelVersion),
+		}).await.map_err(PublishError::Get)?;
+
+		// upload the map to the strafesnet group
+		let upload_response=self.roblox_cookie.create(rbx_asset::cookie::CreateRequest{
+			name:publish_info.DisplayName.clone(),
+			description:"".to_owned(),
+			ispublic:false,
+			allowComments:false,
+			groupId:Some(crate::GROUP_STRAFESNET),
+		},model_data).await.map_err(PublishError::Create)?;
+
+		// create the map entry in the game database, including release date
+		self.maps_grpc.clone().create(rust_grpc::maps::MapRequest{
+			id:upload_response.AssetId as i64,
+			display_name:Some(publish_info.DisplayName),
+			creator:Some(publish_info.Creator),
+			game_id:Some(publish_info.GameID as i32),
+			// TODO: scheduling algorithm
+			date:Some(
+				// Publish one week from now
+				(
+					std::time::SystemTime::now()
+					+std::time::Duration::from_secs(7*24*60*60)
+				)
+				.duration_since(std::time::SystemTime::UNIX_EPOCH)
+				.map_err(PublishError::SystemTime)?
+				.as_secs() as i64
+			),
+		}).await.map_err(PublishError::MapCreate)?;
+
+		// mark submission as published
+		self.api.action_submission_publish(
+			api::SubmissionID(publish_info.SubmissionID)
+		).await.map_err(PublishError::ApiActionSubmissionPublish)?;
+
+		Ok(())
+	}
+}
--- a/validation/src/types.rs
+++ b/validation/src/types.rs
@@ -1,4 +1,16 @@
-pub enum ResourceID{
-	Mapfix(i64),
-	Submission(i64),
+
+// annoying mile-long types
+pub type MapsServiceClient=rust_grpc::maps::maps_service_client::MapsServiceClient<tonic::transport::channel::Channel>;
+pub type MessageResult=Result<async_nats::jetstream::Message,async_nats::jetstream::consumer::pull::MessagesError>;
+
+#[derive(Debug)]
+pub enum NatsStartupError{
+	Consumer(async_nats::jetstream::stream::ConsumerError),
+	Stream(async_nats::jetstream::consumer::StreamError),
 }
+impl std::fmt::Display for NatsStartupError{
+	fn fmt(&self,f:&mut std::fmt::Formatter<'_>)->std::fmt::Result{
+		write!(f,"{self:?}")
+	}
+}
+impl std::error::Error for NatsStartupError{}
--- a/validation/src/upload_mapfix.rs
+++ b/validation/src/upload_mapfix.rs
@@ -1,50 +0,0 @@
-use crate::nats_types::UploadMapfixRequest;
-
-#[allow(dead_code)]
-#[derive(Debug)]
-pub enum UploadError{
-	Get(rbx_asset::cookie::GetError),
-	Json(serde_json::Error),
-	Upload(rbx_asset::cookie::UploadError),
-	ApiActionMapfixUploaded(submissions_api::Error),
-}
-impl std::fmt::Display for UploadError{
-	fn fmt(&self,f:&mut std::fmt::Formatter<'_>)->std::fmt::Result{
-		write!(f,"{self:?}")
-	}
-}
-impl std::error::Error for UploadError{}
-
-pub struct Uploader(crate::uploader::Uploader);
-impl Uploader{
-	pub const fn new(inner:crate::uploader::Uploader)->Self{
-		Self(inner)
-	}
-	pub async fn upload(&self,upload_info:UploadMapfixRequest)->Result<(),UploadError>{
-		let Self(uploader)=self;
-		// download the map model version
-		let model_data=uploader.roblox_cookie.get_asset(rbx_asset::cookie::GetAssetRequest{
-			asset_id:upload_info.ModelID,
-			version:Some(upload_info.ModelVersion),
-		}).await.map_err(UploadError::Get)?;
-
-		// upload the map to the strafesnet group
-		let _upload_response=uploader.roblox_cookie.upload(rbx_asset::cookie::UploadRequest{
-			assetid:upload_info.TargetAssetID,
-			groupId:uploader.group_id,
-			name:None,
-			description:None,
-			ispublic:None,
-			allowComments:None,
-		},model_data).await.map_err(UploadError::Upload)?;
-
-		// that's it, the database entry does not need to be changed.
-
-		// mark mapfix as uploaded, TargetAssetID is unchanged
-		uploader.api.action_mapfix_uploaded(submissions_api::types::ActionMapfixUploadedRequest{
-			MapfixID:upload_info.MapfixID,
-		}).await.map_err(UploadError::ApiActionMapfixUploaded)?;
-
-		Ok(())
-	}
-}
--- a/validation/src/upload_submission.rs
+++ b/validation/src/upload_submission.rs
@@ -1,49 +0,0 @@
-use crate::nats_types::UploadSubmissionRequest;
-
-#[allow(dead_code)]
-#[derive(Debug)]
-pub enum UploadError{
-	Get(rbx_asset::cookie::GetError),
-	Json(serde_json::Error),
-	Create(rbx_asset::cookie::CreateError),
-	SystemTime(std::time::SystemTimeError),
-	ApiActionSubmissionUploaded(submissions_api::Error),
-}
-impl std::fmt::Display for UploadError{
-	fn fmt(&self,f:&mut std::fmt::Formatter<'_>)->std::fmt::Result{
-		write!(f,"{self:?}")
-	}
-}
-impl std::error::Error for UploadError{}
-
-pub struct Uploader(crate::uploader::Uploader);
-impl Uploader{
-	pub const fn new(inner:crate::uploader::Uploader)->Self{
-		Self(inner)
-	}
-	pub async fn upload(&self,upload_info:UploadSubmissionRequest)->Result<(),UploadError>{
-		let Self(uploader)=self;
-		// download the map model version
-		let model_data=uploader.roblox_cookie.get_asset(rbx_asset::cookie::GetAssetRequest{
-			asset_id:upload_info.ModelID,
-			version:Some(upload_info.ModelVersion),
-		}).await.map_err(UploadError::Get)?;
-
-		// upload the map to the strafesnet group
-		let upload_response=uploader.roblox_cookie.create(rbx_asset::cookie::CreateRequest{
-			name:upload_info.ModelName.clone(),
-			description:"".to_owned(),
-			ispublic:false,
-			allowComments:false,
-			groupId:uploader.group_id,
-		},model_data).await.map_err(UploadError::Create)?;
-
-		// note the asset id of the created model for later release, and mark the submission as uploaded
-		uploader.api.action_submission_uploaded(submissions_api::types::ActionSubmissionUploadedRequest{
-			SubmissionID:upload_info.SubmissionID,
-			UploadedAssetID:upload_response.AssetId,
-		}).await.map_err(UploadError::ApiActionSubmissionUploaded)?;
-
-		Ok(())
-	}
-}
--- a/validation/src/uploader.rs
+++ b/validation/src/uploader.rs
@@ -1,18 +0,0 @@
-pub struct Uploader{
-	pub(crate) roblox_cookie:rbx_asset::cookie::CookieContext,
-	pub(crate) group_id:Option<u64>,
-	pub(crate) api:submissions_api::internal::Context,
-}
-impl Uploader{
-	pub const fn new(
-		roblox_cookie:rbx_asset::cookie::CookieContext,
-		group_id:Option<u64>,
-		api:submissions_api::internal::Context,
-	)->Self{
-		Self{
-			roblox_cookie,
-			group_id,
-			api,
-		}
-	}
-}
--- a/validation/src/validate_mapfix.rs
+++ b/validation/src/validate_mapfix.rs
@@ -1,45 +0,0 @@
-use crate::nats_types::ValidateMapfixRequest;
-
-#[allow(dead_code)]
-#[derive(Debug)]
-pub enum ValidateMapfixError{
-	ApiActionMapfixValidate(submissions_api::Error),
-}
-impl std::fmt::Display for ValidateMapfixError{
-	fn fmt(&self,f:&mut std::fmt::Formatter<'_>)->std::fmt::Result{
-		write!(f,"{self:?}")
-	}
-}
-impl std::error::Error for ValidateMapfixError{}
-
-pub struct Validator(crate::validator::Validator);
-impl Validator{
-	pub const fn new(inner:crate::validator::Validator)->Self{
-		Self(inner)
-	}
-	pub async fn validate(&self,validate_info:ValidateMapfixRequest)->Result<(),ValidateMapfixError>{
-		let Self(validator)=self;
-
-		let mapfix_id=validate_info.MapfixID;
-		let validate_result=validator.validate(validate_info.into()).await;
-
-		// update the mapfix depending on the result
-		match &validate_result{
-			Ok(())=>{
-				// update the mapfix model status to validated
-				validator.api.action_mapfix_validated(
-					submissions_api::types::MapfixID(mapfix_id)
-				).await.map_err(ValidateMapfixError::ApiActionMapfixValidate)?;
-			},
-			Err(e)=>{
-				// update the mapfix model status to accepted
-				validator.api.action_mapfix_accepted(submissions_api::types::ActionMapfixAcceptedRequest{
-					MapfixID:mapfix_id,
-					StatusMessage:format!("{e}"),
-				}).await.map_err(ValidateMapfixError::ApiActionMapfixValidate)?;
-			},
-		}
-
-		Ok(())
-	}
-}
--- a/validation/src/validate_submission.rs
+++ b/validation/src/validate_submission.rs
@@ -1,45 +0,0 @@
-use crate::nats_types::ValidateSubmissionRequest;
-
-#[allow(dead_code)]
-#[derive(Debug)]
-pub enum ValidateSubmissionError{
-	ApiActionSubmissionValidate(submissions_api::Error),
-}
-impl std::fmt::Display for ValidateSubmissionError{
-	fn fmt(&self,f:&mut std::fmt::Formatter<'_>)->std::fmt::Result{
-		write!(f,"{self:?}")
-	}
-}
-impl std::error::Error for ValidateSubmissionError{}
-
-pub struct Validator(crate::validator::Validator);
-impl Validator{
-	pub const fn new(inner:crate::validator::Validator)->Self{
-		Self(inner)
-	}
-	pub async fn validate(&self,validate_info:ValidateSubmissionRequest)->Result<(),ValidateSubmissionError>{
-		let Self(validator)=self;
-
-		let submission_id=validate_info.SubmissionID;
-		let validate_result=validator.validate(validate_info.into()).await;
-
-		// update the submission depending on the result
-		match &validate_result{
-			Ok(())=>{
-				// update the submission model status to validated
-				validator.api.action_submission_validated(
-					submissions_api::types::SubmissionID(submission_id)
-				).await.map_err(ValidateSubmissionError::ApiActionSubmissionValidate)?;
-			},
-			Err(e)=>{
-				// update the submission model status to accepted
-				validator.api.action_submission_accepted(submissions_api::types::ActionSubmissionAcceptedRequest{
-					SubmissionID:submission_id,
-					StatusMessage:format!("{e}"),
-				}).await.map_err(ValidateSubmissionError::ApiActionSubmissionValidate)?;
-			},
-		}
-
-		Ok(())
-	}
-}
--- a/validation/src/validator.rs
+++ b/validation/src/validator.rs
@@ -1,54 +1,33 @@
-use futures::TryStreamExt;
-use submissions_api::types::ResourceType;
-
-use crate::types::ResourceID;
+use futures::{StreamExt,TryStreamExt};
+use crate::types::{MessageResult,NatsStartupError};
+use crate::nats_types::ValidateRequest;

 const SCRIPT_CONCURRENCY:usize=16;

 enum Policy{
-	None,
 	Allowed,
 	Blocked,
 	Delete,
 	Replace(String),
 }

-struct NamePolicy{
-	name:String,
-	policy:Policy,
-}
-
-fn source_has_illegal_keywords(source:&str)->bool{
-	source.find("getfenv").is_some()||source.find("require").is_some()
-}
-
-fn hash_source(source:&str)->String{
-	let mut hasher=siphasher::sip::SipHasher::new();
-	std::hash::Hasher::write(&mut hasher,source.as_bytes());
-	let hash=std::hash::Hasher::finish(&hasher);
-	format!("{:016x}",hash)
-}
-
-// #[allow(dead_code)]
+#[allow(dead_code)]
 #[derive(Debug)]
-pub enum ValidateError{
-	ScriptFlaggedIllegalKeyword(String),
-	ScriptBlocked(Option<submissions_api::types::ScriptID>),
-	ScriptNotYetReviewed(Option<submissions_api::types::ScriptID>),
-	ModelFileDownload(rbx_asset::cookie::GetError),
-	ModelFileDecode(ReadDomError),
-	ApiGetScriptPolicyFromHash(submissions_api::types::SingleItemError),
-	ApiGetScript(submissions_api::Error),
-	ApiCreateScript(submissions_api::Error),
-	ApiCreateScriptPolicy(submissions_api::Error),
-	ApiGetScriptFromHash(submissions_api::types::SingleItemError),
-	ApiUpdateMapfixModel(submissions_api::Error),
-	ApiUpdateSubmissionModel(submissions_api::Error),
-	ModelFileRootMustHaveOneChild,
-	ModelFileChildRefIsNil,
-	ModelFileEncode(rbx_binary::EncodeError),
-	AssetUpload(rbx_asset::cookie::UploadError),
-	AssetCreate(rbx_asset::cookie::CreateError),
+enum ValidateError{
+	Blocked,
+	NotAllowed,
+	Messages(async_nats::jetstream::consumer::pull::MessagesError),
+	DoubleAck(async_nats::Error),
+	Get(rbx_asset::cookie::GetError),
+	Json(serde_json::Error),
+	ReadDom(ReadDomError),
+	ApiGetScriptPolicy(api::Error),
+	ApiGetScript(api::Error),
+	ApiUpdateSubmissionModel(api::Error),
+	ApiActionSubmissionValidate(api::Error),
+	WriteDom(rbx_binary::EncodeError),
+	Upload(rbx_asset::cookie::UploadError),
+	Create(rbx_asset::cookie::CreateError),
 }
 impl std::fmt::Display for ValidateError{
 	fn fmt(&self,f:&mut std::fmt::Formatter<'_>)->std::fmt::Result{
@@ -57,158 +36,109 @@ impl std::fmt::Display for ValidateError{
 }
 impl std::error::Error for ValidateError{}

-#[allow(nonstandard_style)]
-pub struct ValidateRequest{
-	pub ModelID:u64,
-	pub ModelVersion:u64,
-	pub ValidatedModelID:Option<u64>,
-	pub ResourceID:ResourceID,
-}
-
-impl From<crate::nats_types::ValidateMapfixRequest> for ValidateRequest{
-	fn from(value:crate::nats_types::ValidateMapfixRequest)->Self{
-		Self{
-			ModelID:value.ModelID,
-			ModelVersion:value.ModelVersion,
-			ValidatedModelID:value.ValidatedModelID,
-			ResourceID:ResourceID::Mapfix(value.MapfixID),
-		}
-	}
-}
-impl From<crate::nats_types::ValidateSubmissionRequest> for ValidateRequest{
-	fn from(value:crate::nats_types::ValidateSubmissionRequest)->Self{
-		Self{
-			ModelID:value.ModelID,
-			ModelVersion:value.ModelVersion,
-			ValidatedModelID:value.ValidatedModelID,
-			ResourceID:ResourceID::Submission(value.SubmissionID),
-		}
-	}
-}
-
 pub struct Validator{
-	pub(crate) roblox_cookie:rbx_asset::cookie::CookieContext,
-	pub(crate) api:submissions_api::internal::Context,
+	messages:async_nats::jetstream::consumer::pull::Stream,
+	roblox_cookie:rbx_asset::cookie::CookieContext,
+	api:api::Context,
 }

 impl Validator{
-	pub const fn new(
+	pub async fn new(
+		stream:async_nats::jetstream::stream::Stream,
 		roblox_cookie:rbx_asset::cookie::CookieContext,
-		api:submissions_api::internal::Context,
-	)->Self{
-		Self{
+		api:api::Context,
+	)->Result<Self,NatsStartupError>{
+		Ok(Self{
+			messages:stream.get_or_create_consumer("validation",async_nats::jetstream::consumer::pull::Config{
+				name:Some("validation".to_owned()),
+				durable_name:Some("validation".to_owned()),
+				ack_policy:async_nats::jetstream::consumer::AckPolicy::Explicit,
+				filter_subject:"maptest.submissions.validate".to_owned(),
+				..Default::default()
+			}).await.map_err(NatsStartupError::Consumer)?
+			.messages().await.map_err(NatsStartupError::Stream)?,
 			roblox_cookie,
 			api,
+		})
+	}
+	pub async fn run(mut self){
+		while let Some(message_result)=self.messages.next().await{
+			self.validate_supress_error(message_result).await
 		}
 	}
-	pub async fn validate(&self,validate_info:ValidateRequest)->Result<(),ValidateError>{
+	async fn validate_supress_error(&self,message_result:MessageResult){
+		match self.validate(message_result).await{
+			Ok(())=>println!("[Validation] Validated, hooray!"),
+			Err(e)=>println!("[Validation] There was an error, oopsie! {e}"),
+		}
+	}
+	async fn validate(&self,message_result:MessageResult)->Result<(),ValidateError>{
+		println!("validate {:?}",message_result);
+		let message=message_result.map_err(ValidateError::Messages)?;
+		message.double_ack().await.map_err(ValidateError::DoubleAck)?;
+		// decode json
+		let validate_info:ValidateRequest=serde_json::from_slice(&message.payload).map_err(ValidateError::Json)?;
+
 		// download map
 		let data=self.roblox_cookie.get_asset(rbx_asset::cookie::GetAssetRequest{
 			asset_id:validate_info.ModelID,
 			version:Some(validate_info.ModelVersion),
-		}).await.map_err(ValidateError::ModelFileDownload)?;
+		}).await.map_err(ValidateError::Get)?;

 		// decode dom (slow!)
-		let mut dom=read_dom(&mut std::io::Cursor::new(data)).map_err(ValidateError::ModelFileDecode)?;
+		let mut dom=read_dom(&mut std::io::Cursor::new(data)).map_err(ValidateError::ReadDom)?;

 		/* VALIDATE MAP */

 		// collect unique scripts
 		let script_refs=get_script_refs(&dom);
-		let mut script_map=std::collections::HashMap::<String,NamePolicy>::new();
+		let mut script_map=std::collections::HashMap::<String,Policy>::new();
 		for &script_ref in &script_refs{
 			if let Some(script)=dom.get_by_ref(script_ref){
 				if let Some(rbx_dom_weak::types::Variant::String(source))=script.properties.get("Source"){
-					// check the source for illegal keywords
-					if source_has_illegal_keywords(source){
-						// immediately abort
-						// grab path to offending script
-						let path=get_partial_path(&dom,script);
-						return Err(ValidateError::ScriptFlaggedIllegalKeyword(path));
-					}
-					// associate a name and policy with the source code
-					// policy will be fetched from the database to replace the default policy
-					script_map.insert(source.clone(),NamePolicy{
-						name:get_partial_path(&dom,script),
-						policy:Policy::None,
-					});
+					script_map.insert(source.clone(),Policy::Blocked);
 				}
 			}
 		}

 		// send all script hashes to REST endpoint and retrieve the replacements
 		futures::stream::iter(script_map.iter_mut().map(Ok))
-		.try_for_each_concurrent(Some(SCRIPT_CONCURRENCY),|(source,NamePolicy{policy,name})|async{
+		.try_for_each_concurrent(Some(SCRIPT_CONCURRENCY),|(source,replacement)|async{
 			// get the hash
-			let hash=hash_source(source.as_str());
+			let mut hasher=siphasher::sip::SipHasher::new();
+			std::hash::Hasher::write(&mut hasher,source.as_bytes());
+			let hash=std::hash::Hasher::finish(&hasher);

 			// fetch the script policy
-			let script_policy=self.api.get_script_policy_from_hash(submissions_api::types::HashRequest{
-				hash:hash.as_str(),
-			}).await.map_err(ValidateError::ApiGetScriptPolicyFromHash)?;
+			let script_policy=self.api.get_script_policy_from_hash(api::ScriptPolicyHashRequest{
+				hash:format!("{:x}",hash),
+			}).await.map_err(ValidateError::ApiGetScriptPolicy)?;

 			// write the policy to the script_map, fetching the replacement code if necessary
-			if let Some(script_policy)=script_policy{
-				*policy=match script_policy.Policy{
-					submissions_api::types::Policy::None=>Policy::None,
-					submissions_api::types::Policy::Allowed=>Policy::Allowed,
-					submissions_api::types::Policy::Blocked=>Policy::Blocked,
-					submissions_api::types::Policy::Delete=>Policy::Delete,
-					submissions_api::types::Policy::Replace=>{
-						let script=self.api.get_script(submissions_api::types::GetScriptRequest{
-							ScriptID:script_policy.ToScriptID,
-						}).await.map_err(ValidateError::ApiGetScript)?;
-						Policy::Replace(script.Source)
-					},
-				};
-			}else{
-				let (resource_type,resource_id)=match validate_info.ResourceID{
-					ResourceID::Mapfix(mapfix_id)=>(ResourceType::Mapfix,mapfix_id),
-					ResourceID::Submission(submission_id)=>(ResourceType::Submission,submission_id),
-				};
-
-				// upload the script
-				let script=self.api.create_script(submissions_api::types::CreateScriptRequest{
-					Name:name.as_str(),
-					Source:source.as_str(),
-					ResourceType:resource_type,
-					ResourceID:Some(resource_id),
-				}).await.map_err(ValidateError::ApiCreateScript)?;
-
-				// create a None policy (pending review by yours truly)
-				self.api.create_script_policy(submissions_api::types::CreateScriptPolicyRequest{
-					ToScriptID:script.ID,
-					FromScriptID:script.ID,
-					Policy:submissions_api::types::Policy::None,
-				}).await.map_err(ValidateError::ApiCreateScriptPolicy)?;
-			}
+			*replacement=match script_policy.Policy{
+				api::Policy::Allowed=>Policy::Allowed,
+				api::Policy::Blocked=>Policy::Blocked,
+				api::Policy::Delete=>Policy::Delete,
+				api::Policy::Replace=>{
+					let script=self.api.get_script(api::GetScriptRequest{
+						ScriptID:script_policy.ToScriptID,
+					}).await.map_err(ValidateError::ApiGetScript)?;
+					Policy::Replace(script.Source)
+				},
+			};

 			Ok(())
 		})
 		.await?;

 		// make the replacements
-		let mut modified=true;
+		let mut modified=false;
 		for &script_ref in &script_refs{
 			if let Some(script)=dom.get_by_ref_mut(script_ref){
 				if let Some(rbx_dom_weak::types::Variant::String(source))=script.properties.get_mut("Source"){
-					match script_map.get(source.as_str()).map(|p|&p.policy){
-						Some(Policy::Blocked)=>{
-							let hash=hash_source(source.as_str());
-							let script=self.api.get_script_from_hash(submissions_api::types::HashRequest{
-								hash:hash.as_str(),
-							}).await.map_err(ValidateError::ApiGetScriptFromHash)?;
-							return Err(ValidateError::ScriptBlocked(script.map(|s|s.ID)));
-						},
-						None
-						|Some(Policy::None)
-						=>{
-							let hash=hash_source(source.as_str());
-							let script=self.api.get_script_from_hash(submissions_api::types::HashRequest{
-								hash:hash.as_str(),
-							}).await.map_err(ValidateError::ApiGetScriptFromHash)?;
-							return Err(ValidateError::ScriptNotYetReviewed(script.map(|s|s.ID)));
-						},
+					match script_map.get(source.as_str()){
+						Some(Policy::Blocked)=>return Err(ValidateError::Blocked),
+						None=>return Err(ValidateError::NotAllowed),
 						Some(Policy::Allowed)=>(),
 						Some(Policy::Delete)=>{
 							modified=true;
@@ -224,19 +154,14 @@ impl Validator{
 			}
 		}

-		println!("[Validator] Forcing model upload! modified=true");
-
 		// if the model was validated, the submission must be changed to use the modified model
 		if modified{
 			// serialize model (slow!)
 			let mut data=Vec::new();
-			let &[map_ref]=dom.root().children()else{
-				return Err(ValidateError::ModelFileRootMustHaveOneChild);
-			};
-			rbx_binary::to_writer(&mut data,&dom,&[map_ref]).map_err(ValidateError::ModelFileEncode)?;
+			rbx_binary::to_writer(&mut data,&dom,&[dom.root_ref()]).map_err(ValidateError::WriteDom)?;

 			// upload a model lol
-			let model_id=if let Some(model_id)=validate_info.ValidatedModelID{
+			let (model_id,model_version)=if let Some(model_id)=validate_info.ValidatedModelID{
 				// upload to existing id
 				let response=self.roblox_cookie.upload(rbx_asset::cookie::UploadRequest{
 					assetid:model_id,
@@ -245,45 +170,34 @@ impl Validator{
 					ispublic:None,
 					allowComments:None,
 					groupId:None,
-				},data).await.map_err(ValidateError::AssetUpload)?;
+				},data).await.map_err(ValidateError::Upload)?;

-				response.AssetId
+				(response.AssetId,response.AssetVersionId)
 			}else{
-				// grab the map instance from the map re
-				let Some(map_instance)=dom.get_by_ref(map_ref)else{
-					return Err(ValidateError::ModelFileChildRefIsNil);
-				};
 				// create new model
 				let response=self.roblox_cookie.create(rbx_asset::cookie::CreateRequest{
-					name:map_instance.name.clone(),
+					name:dom.root().name.clone(),
 					description:"".to_owned(),
 					ispublic:true,
 					allowComments:true,
 					groupId:None,
-				},data).await.map_err(ValidateError::AssetCreate)?;
+				},data).await.map_err(ValidateError::Create)?;

-				response.AssetId
+				(response.AssetId,response.AssetVersionId)
 			};

-			match validate_info.ResourceID{
-				ResourceID::Mapfix(mapfix_id)=>{
-					// update the mapfix to use the validated model
-					self.api.update_mapfix_validated_model(submissions_api::types::UpdateMapfixModelRequest{
-						MapfixID:mapfix_id,
-						ModelID:model_id,
-						ModelVersion:1, //TODO
-					}).await.map_err(ValidateError::ApiUpdateMapfixModel)?;
-				},
-				ResourceID::Submission(submission_id)=>{
-					// update the submission to use the validated model
-					self.api.update_submission_validated_model(submissions_api::types::UpdateSubmissionModelRequest{
-						SubmissionID:submission_id,
-						ModelID:model_id,
-						ModelVersion:1, //TODO
-					}).await.map_err(ValidateError::ApiUpdateSubmissionModel)?;
-				},
-			}
-		}
+			// update the submission to use the validated model
+			self.api.update_submission_model(api::UpdateSubmissionModelRequest{
+				ID:validate_info.SubmissionID,
+				ModelID:model_id,
+				ModelVersion:model_version,
+			}).await.map_err(ValidateError::ApiUpdateSubmissionModel)?;
+		};
+
+		// update the submission model status to validated
+		self.api.action_submission_validate(
+			api::SubmissionID(validate_info.SubmissionID)
+		).await.map_err(ValidateError::ApiActionSubmissionValidate)?;

 		Ok(())
 	}
@@ -291,7 +205,7 @@ impl Validator{

 #[allow(dead_code)]
 #[derive(Debug)]
-pub enum ReadDomError{
+enum ReadDomError{
 	Binary(rbx_binary::DecodeError),
 	Xml(rbx_xml::DecodeError),
 	Read(std::io::Error),
@@ -345,19 +259,6 @@ fn recursive_collect_superclass(objects:&mut std::vec::Vec<rbx_dom_weak::types::
 	}
 }

-fn get_partial_path(dom:&rbx_dom_weak::WeakDom,instance:&rbx_dom_weak::Instance)->String{
-	let mut names:Vec<_>=core::iter::successors(
-		Some(instance),
-		|i|dom.get_by_ref(i.parent())
-	).map(
-		|i|i.name.as_str()
-	).collect();
-	// discard the name of the root object
-	names.pop();
-	names.reverse();
-	names.join(".")
-}
-
 fn get_script_refs(dom:&rbx_dom_weak::WeakDom)->Vec<rbx_dom_weak::types::Ref>{
 	let mut scripts=std::vec::Vec::new();
 	recursive_collect_superclass(&mut scripts,dom,dom.root(),"LuaSourceContainer");
--- a/web/.dockerignore
+++ b/web/.dockerignore
@@ -1,3 +1,15 @@
 node_modules
-build
-bun.lockb
+Dockerfile*
+docker-compose*
+.dockerignore
+.git
+.gitignore
+README.md
+LICENSE
+.vscode
+Makefile
+helm-charts
+.env
+.editorconfig
+.idea
+coverage*
--- a/web/Containerfile
+++ b/web/Containerfile
@@ -1,13 +1,19 @@
-FROM oven/bun:latest
+FROM oven/bun AS build

 WORKDIR /app

 COPY . .

-EXPOSE 3000
-
+ENV NODE_ENV=production
 ENV NEXT_TELEMETRY_DISABLED=1
+RUN bun install && bun run build

-RUN bun install
-RUN bun run build
-ENTRYPOINT ["bun", "run", "start"]
+FROM build AS release
+
+WORKDIR /app
+
+COPY --from=build /app/build ./.next
+RUN bun add next
+
+EXPOSE 3000
+ENTRYPOINT ["bun", "run", "env", "--", "next", "start", "-p", "3000"]
--- a/web/next.config.ts
+++ b/web/next.config.ts
@@ -2,18 +2,14 @@ import type { NextConfig } from "next";

 const nextConfig: NextConfig = {
    distDir: "build",
-    output: "standalone",
-    images: {
-		remotePatterns: [
-			{
-				protocol: 'https',
-				hostname: 'api.ic3.space',
-				pathname: '/strafe/map-images/**',
-				port: '',
-				search: '',
-			},
-		],
-	},
+    rewrites: async () => {
+    	return [
+     		{
+       			source: "/v1/submissions/1/status/:statustype",
+          		destination: "http://localhost:8081/v1/submissions/:statustype"
+       		}
+     	]
+    }
 };

 export default nextConfig;
--- a/web/package.json
+++ b/web/package.json
@@ -3,7 +3,7 @@
  "version": "0.1.0",
  "private": true,
  "scripts": {
-    "dev": "next dev -p 3000 --turbopack",
+    "dev": "next dev -p 3000",
    "build": "next build",
    "start": "next start -p 3000",
    "lint": "next lint"
--- a/web/src/app/_components/header.tsx
+++ b/web/src/app/_components/header.tsx
@@ -18,10 +18,10 @@ export default function Header() {
 	return (
 		<header className="header-bar">
 			<nav className="left">
-				<HeaderButton name="Submissions" href="/submissions"/>
+				<HeaderButton name="Maps" href=""/>
 			</nav>
 			<nav className="right">
-				<HeaderButton name="Submit" href="/submit"/>
+				<HeaderButton name="Home" href=""/>
 				<HeaderButton name="Need" href=""/>
 				<HeaderButton name="Menu" href=""/>
 				<HeaderButton name="Items" href=""/>
--- a/web/src/app/_components/styles/header.scss
+++ b/web/src/app/_components/styles/header.scss
@@ -2,8 +2,8 @@
 	display: flex;
 	justify-content: space-between;
 	align-items: center;
-	width: 100%;
-	height: var(--header-height);
+	width: 100vw;
+	height: 60px;
 	background: var(--header-grad-left);
 	background: linear-gradient(180deg, var(--header-grad-left) 0%, var(--header-grad-right) 100%);

@@ -24,7 +24,7 @@
 	.right {
 		display: flex;
 		gap: 7px;
-		margin-right: 35px;
+		margin-right: 50px;

 		button {
 			font-size: 1rem;
--- a/web/src/app/_components/webpage.tsx
+++ b/web/src/app/_components/webpage.tsx
@@ -1,27 +1,8 @@
-"use client"
-
-import { redirect } from "next/navigation";
-import { useEffect } from "react";
-
 import Header from "./header";

-async function login_check() {
-	const response = await fetch("/api/session/validate")
-	if (response.ok) {
-		const logged_in = await response.json()
-		if (!logged_in) {
-			redirect("https://auth.staging.strafes.net/oauth2/login?redirect=" + window.location.href)
-		}
-	} else {
-		console.error("No response from /api/session/validate")
-	}
-}
-
 export default function Webpage({children}: Readonly<{children?: React.ReactNode}>) {
-	useEffect(() => { login_check() }, [])
-
-	return <>
-		<Header/>
-		{children}
-	</>
-}
+    return (<>
+        <Header/>
+        {children}
+    </>)
+}
--- a/web/src/app/globals.scss
+++ b/web/src/app/globals.scss
@@ -1,5 +1,4 @@
 $review-border: 1px solid var(--review-border);
-$form-label-fontsize: 1.3rem;

@mixin border-with-radius {
    border: $review-border {
@@ -10,8 +9,6 @@ $form-label-fontsize: 1.3rem;
 :root {
 	color-scheme: light dark;

-	--header-height: 45px;
-
 	--page:                white;
 	--header-grad-left:    #363b40;
 	--header-grad-right:   #353a40;
@@ -24,7 +21,6 @@ $form-label-fontsize: 1.3rem;
 	--window-header:       #f5f5f5;
 	--comment-highlighted: #ffffd7;
 	--comment-area:        white;
-	--placeholder-text:    rgb(150,150,150);

 	@media (prefers-color-scheme: dark) {
 		--page:                rgb(15,15,15);
@@ -39,7 +35,6 @@ $form-label-fontsize: 1.3rem;
 		--window-header:       rgb(10,10,10);
 		--comment-highlighted: #ffffd7;
 		--comment-area:        rgb(20,20,20);
-		--placeholder-text:    rgb(80,80,80);
 	}
 }

@@ -56,11 +51,4 @@ button {

 a:active, a:link, a:hover {
 	text-decoration: none;
-}
-
-.spacer {
-    display: block;
-    width: 100%;
-    height: 1px;
-    background-color: var(--review-border);
 }
--- a/web/src/app/submissions/(styles)/page.scss
+++ b/web/src/app/submissions/(styles)/page.scss
@@ -1,75 +0,0 @@
-@forward "./page/card.scss";
-
-@use "../../globals.scss";
-
-a {
-	color:rgb(255, 255, 255);
-
-	&:visited, &:hover, &:focus {
-		text-decoration: none;
-		color: rgb(255, 255, 255);
-	}
-	&:active {
-		color: rgb(192, 192, 192)
-	}
-}
-
-.grid {
-	display: grid;
-	grid-template-columns: repeat(auto-fit, minmax(220px, 1fr));
-	grid-template-rows: repeat(3, 1fr);
-	gap: 16px;
-	max-width: 100%;
-	margin: 0 auto;
-	overflow-x: hidden;
-	box-sizing: border-box;
-}
-
-@media (max-width: 768px) {
-	.grid {
-		grid-template-columns: repeat(auto-fit, minmax(180px, 1fr));
-	}
-}
-
-.pagination {
-	display: flex;
-	justify-content: center;
-	align-items: center;
-	gap: 1rem;
-	margin: 0.3rem;
-}
-
-.pagination button {
-	padding: 0.25rem 0.5rem;
-	font-size: 1.15rem;
-	border: none;
-	border-radius: 0.35rem;
-	background-color: #33333350;
-	color: #fff;
-	cursor: pointer;
-}
-
-.pagination button:disabled {
-	background-color: #5555559a;
-	cursor: not-allowed;
-}
-
-.pagination-dots {
-	display: flex;
-	flex-wrap: wrap;
-	gap: 0.35rem;
-	justify-content: center;
-	width: 100%;
-}
-
-.dot {
-	width: 10px;
-	height: 10px;
-	border-radius: 50%;
-	background-color: #bbb;
-	cursor: pointer;
-}
-
-.dot.active {
-	background-color: #333;
-}
--- a/web/src/app/submissions/(styles)/page/card.scss
+++ b/web/src/app/submissions/(styles)/page/card.scss
@@ -1,87 +0,0 @@
-@use "../../../globals.scss";
-
-.submissionCard {
-	display: flex;
-	background-color: #2020207c;
-	border: 1px solid #97979783;
-	border-radius: 10px;
-	box-sizing: border-box;
-	flex-direction: column;
-	justify-content: space-between;
-	height: 100%;
-	min-width: 180px;
-	max-width: 340px;
-}
-
-.content {
-	display: flex;
-	flex-grow: 1;
-	flex-direction: column;
-	justify-content: space-between;
-}
-
-.details {
-	padding: 2px 4px;
-}
-
-.header {
-	display: flex;
-	justify-content: space-between;
-	align-items: center;
-	margin: 3px 0px;
-}
-
-.footer {
-	display: flex;
-	justify-content: space-between;
-	align-items: center;
-	margin: 3px 0px;
-}
-
-.map-image {
-	border-radius: 10px 10px 0 0;
-	overflow: hidden;
-
-	> img {
-		width: 100%;
-		height: 100%;
-		object-fit: cover;
-	}
-}
-
-.displayName {
-	font-size: 1rem;
-	font-weight: bold;
-	overflow: hidden;
-	max-width: 70%;
-	text-overflow: ellipsis;
-	white-space: nowrap;
-}
-
-.rating {
-	flex-shrink: 0;
-}
-
-.author {
-	display: flex;
-	align-items: center;
-	gap: 0.5rem;
-	flex-grow: 1;
-	min-width: 0;
-}
-
-.author span {
-	white-space: nowrap;
-	overflow: hidden;
-	text-overflow: ellipsis;
-}
-
-.rating {
-	margin-left: auto;
-	flex-shrink: 0;
-}
-
-.avatar {
-	border-radius: 50%;
-	object-fit: cover;
-}
--- a/web/src/app/submissions/[submissionId]/(styles)/page.scss
+++ b/web/src/app/submissions/[submissionId]/(styles)/page.scss
@@ -14,6 +14,13 @@
    width: 100vw;
 }

+.spacer {
+    display: block;
+    width: 100%;
+    height: 1px;
+    background-color: var(--review-border);
+}
+
 .by-creator {
    margin-top: 10px;
 }
--- a/web/src/app/submissions/[submissionId]/(styles)/page/reviewStatus.scss
+++ b/web/src/app/submissions/[submissionId]/(styles)/page/reviewStatus.scss
@@ -1,13 +1,12 @@
-$UnderConstruction: "0";
-$Submitted:         "1";
-$ChangesRequested:  "2";
-$Accepted:          "3";
+$Published:         "0";
+$Rejected:          "1";
+$Publishing:        "2";
+$Validated:         "3";
 $Validating:        "4";
-$Validated:         "5";
-$Uploading:         "6";
-$Uploaded:          "7";
-$Rejected:          "8";
-$Released:          "9";
+$Accepted:          "5";
+$ChangesRequested:  "6";
+$Submitted:         "7";
+$UnderConstruction: "8";

 .review-status {
    border-radius: 5px;
@@ -17,7 +16,7 @@ $Released:          "9";
        font-weight: bold;
    }

-    &[data-review-status="#{$Released}"] {
+    &[data-review-status="#{$Published}"] {
        background-color: orange;
        p {
            color: white;
@@ -29,13 +28,7 @@ $Released:          "9";
            color: white;
        }
    }
-    &[data-review-status="#{$Uploading}"] {
-        background-color: orange;
-        p {
-            color: white;
-        }
-    }
-    &[data-review-status="#{$Uploaded}"] {
+    &[data-review-status="#{$Publishing}"] {
        background-color: orange;
        p {
            color: white;
@@ -77,4 +70,4 @@ $Released:          "9";
            color: white;
        }
    }
-}
+}
--- a/web/src/app/submissions/[submissionId]/_comments.tsx
+++ b/web/src/app/submissions/[submissionId]/_comments.tsx
@@ -9,10 +9,8 @@ interface CommentersProps {
 }

 interface CreatorAndReviewStatus {
-    asset_id: SubmissionInfo["AssetID"],
    creator: SubmissionInfo["DisplayName"],
    review: SubmissionInfo["StatusID"],
-    status_message: SubmissionInfo["StatusMessage"],
    comments: Comment[],
    name: string
 }
@@ -65,4 +63,4 @@ export default function Comments(stats: CommentersProps) {

 export {
    type CreatorAndReviewStatus
-}
+}
--- a/web/src/app/submissions/[submissionId]/_map.tsx
+++ b/web/src/app/submissions/[submissionId]/_map.tsx
@@ -1,11 +1,24 @@
+"use client"
+
+import { useState, useEffect } from "react"
 import { SubmissionInfo } from "@/app/ts/Submission"
+import { AssetImage } from "@/app/ts/Roblox"
+import Image from "next/image"

 interface AssetID {
    id: SubmissionInfo["AssetID"]
 }

-function MapImage() {
-    return <p>Fetching map image...</p>
+function MapImage(asset: AssetID) {
+	const [assetImage, setAssetImage] = useState("");
+
+	useEffect(() => {
+		AssetImage(asset.id, "420x420").then(image => setAssetImage(image))
+	}, [asset.id]);
+	if (!assetImage) {
+        return <p>Fetching map image...</p>;
+    }
+    return <Image src={assetImage} alt="Map Image"/>
 }

 export {
--- a/web/src/app/submissions/[submissionId]/_reviewButtons.tsx
+++ b/web/src/app/submissions/[submissionId]/_reviewButtons.tsx
@@ -1,74 +1,36 @@
 import { Button, ButtonOwnProps } from "@mui/material";

-type Actions    = "Completed" | "Submit" | "Reject" | "Revoke"
-type ApiActions = Lowercase<Actions> | "trigger-validate" | "retry-validate" | "trigger-upload" | "reset-uploading" | "reset-validating"
-type Review     = Actions | "Accept" | "Validate" | "Upload" | "Reset Uploading (fix softlocked status)" | "Reset Validating (fix softlocked status)" | "Request Changes"
-
+type Review = "Completed" | "Submit" | "Reject" | "Revoke" | "Validate" | "Publish"
+type Action = "completed" | "submit" | "reject" | "revoke" | "trigger-validate" | "trigger-publish"
 interface ReviewButton {
 	name: Review,
-	action: ApiActions,
-	submissionId: string,
+	action: Action,
 	color: ButtonOwnProps["color"]
 }

-interface ReviewId {
-	submissionId: string
-}
-
-async function ReviewButtonClicked(action: ApiActions, submissionId: string) {
-	try {
-		const response = await fetch(`/api/submissions/${submissionId}/status/${action}`, {
-			method: "POST",
-			headers: {
-				"Content-type": "application/json",
-			}
-		});
-		// Check if the HTTP request was successful
-		if (!response.ok) {
-			const errorDetails = await response.text();
-
-			// Throw an error with detailed information
-			throw new Error(`HTTP error! status: ${response.status}, details: ${errorDetails}`);
+function ReviewButtonClicked(action: Action) {
+	const post = fetch(`http://localhost:3000/v1/submissions/1/status/${action}`, {
+		method: "POST",
+		headers: {
+			"Content-type": "application/json",
+			"Cookie": "session_id=c5191ddc-eee1-4010-900c-6b2c7b6780ab"
 		}
-
-		window.location.reload();
-	} catch (error) {
-		console.error("Error updating submission status:", error);
-	}
+	})
 }

 function ReviewButton(props: ReviewButton) {
-	return <Button
-		color={props.color}
-		variant="contained"
-		onClick={() => { ReviewButtonClicked(props.action, props.submissionId) }}>{props.name}</Button>
+	return <Button color={props.color} variant="contained" onClick={() => { ReviewButtonClicked(props.action) }}>{props.name}</Button>
 }

-export default function ReviewButtons(props: ReviewId) {
-	const submissionId = props.submissionId
-	// When is each button visible?
-	// Multiple buttons can be visible at once.
-	// Action         | Role      | When Current Status is One of:
-	// ---------------|-----------|-----------------------
-	// Submit         | Submitter | UnderConstruction, ChangesRequested
-	// Revoke         | Submitter | Submitted, ChangesRequested
-	// Accept         | Reviewer  | Submitted
-	// Validate       | Reviewer  | Accepted
-	// ResetValidating| Reviewer  | Validating
-	// Reject         | Reviewer  | Submitted
-	// RequestChanges | Reviewer  | Validated, Accepted, Submitted
-	// Upload         | MapAdmin  | Validated
-	// ResetUploading | MapAdmin  | Uploading
+export default function ReviewButtons() {
 	return (
 		<section className="review-set">
-			<ReviewButton color="info"  name="Submit"    action="submit"           submissionId={submissionId}/>
-			<ReviewButton color="info"  name="Revoke"    action="revoke"           submissionId={submissionId}/>
-			<ReviewButton color="info"  name="Accept"    action="trigger-validate" submissionId={submissionId}/>
-			<ReviewButton color="info"  name="Validate"  action="retry-validate"   submissionId={submissionId}/>
-			<ReviewButton color="error" name="Reject"    action="reject"           submissionId={submissionId}/>
-			<ReviewButton color="info"  name="Upload"    action="trigger-upload"   submissionId={submissionId}/>
-			<ReviewButton color="error" name="Reset Uploading (fix softlocked status)"    action="reset-uploading"   submissionId={submissionId}/>
-			<ReviewButton color="error" name="Reset Validating (fix softlocked status)"   action="reset-validating"  submissionId={submissionId}/>
+			<ReviewButton color="error" name="Reject"    action="reject"/>
+			<ReviewButton color="info"  name="Revoke"    action="revoke"/>
+			<ReviewButton color="info"  name="Publish"   action="trigger-publish"/>
+			<ReviewButton color="info"  name="Completed" action="completed"/>
+			<ReviewButton color="info"  name="Submit"    action="submit"/>
+			<ReviewButton color="info"  name="Validate"  action="trigger-validate"/>
 		</section>
 	)
 }
--- a/web/src/app/submissions/[submissionId]/page.tsx
+++ b/web/src/app/submissions/[submissionId]/page.tsx
@@ -1,8 +1,8 @@
 "use client"

-import { SubmissionInfo, SubmissionStatusToString } from "@/app/ts/Submission";
+import { SubmissionStatus, SubmissionStatusToString } from "@/app/ts/Submission";
 import type { CreatorAndReviewStatus } from "./_comments";
-import { MapImage } from "./_map";
+import { MapImage, type AssetID } from "./_map";
 import { useParams } from "next/navigation";
 import ReviewButtons from "./_reviewButtons";
 import { Rating } from "@mui/material";
@@ -10,14 +10,9 @@ import Comments from "./_comments";
 import Webpage from "@/app/_components/webpage";
 import Window from "./_window";
 import Link from "next/link";
-import { useState, useEffect } from "react";

 import "./(styles)/page.scss";

-interface ReviewId {
-	submissionId: string
-}
-
 function Ratings() {
 	return (
 		<Window className="rating-window" title="Rating">
@@ -39,14 +34,14 @@ function Ratings() {
 	)
 }

-function RatingArea(submission: ReviewId) {
+function RatingArea(asset: AssetID) {
    return (
        <aside className="review-area">
        	<section className="map-image-area">
-         		<MapImage/>
+         		<MapImage id={asset.id}/>
         	</section>
            <Ratings/>
-			<ReviewButtons submissionId={submission.submissionId}/>
+            <ReviewButtons/>
        </aside>
    )
 }
@@ -54,7 +49,6 @@ function RatingArea(submission: ReviewId) {
 function TitleAndComments(stats: CreatorAndReviewStatus) {
    const Review = SubmissionStatusToString(stats.review)

-    // TODO: hide status message when status is not "Accepted"
 	return (
        <main className="review-info">
            <div>
@@ -64,8 +58,6 @@ function TitleAndComments(stats: CreatorAndReviewStatus) {
                </aside>
            </div>
            <p className="by-creator">by <Link href="" target="_blank">{stats.creator}</Link></p>
-            <p className="asset-id">Model Asset ID {stats.asset_id}</p>
-            <p className="status-message">Validation Error: {stats.status_message}</p>
            <span className="spacer"></span>
            <Comments comments_data={stats}/>
        </main>
@@ -75,31 +67,14 @@ function TitleAndComments(stats: CreatorAndReviewStatus) {
 export default function SubmissionInfoPage() {
    const dynamicId = useParams<{submissionId: string}>()

-    const [submission, setSubmission] = useState<SubmissionInfo | null>(null)
-
-	useEffect(() => { // needs to be client sided since server doesn't have a session, nextjs got mad at me for exporting an async function: (https://nextjs.org/docs/messages/no-async-client-component)
-		async function getSubmission() {
-			const res = await fetch(`/api/submissions/${dynamicId.submissionId}`)
-			if (res.ok) {
-				setSubmission(await res.json())
-			}
-		}
-        getSubmission()
-	}, [dynamicId.submissionId])
-
-	if (!submission) {
-		return <Webpage>
-		        {/* TODO: Add skeleton loading thingy ? Maybe ? (https://mui.com/material-ui/react-skeleton/) */}
-			</Webpage>
-	}
    return (
        <Webpage>
            <main className="map-page-main">
                <section className="review-section">
-					<RatingArea submissionId={dynamicId.submissionId}/>
-                    <TitleAndComments name={submission.DisplayName} creator={submission.Creator} review={submission.StatusID} status_message={submission.StatusMessage} asset_id={submission.AssetID} comments={[]}/>
+                    <RatingArea id={432}/>
+                    <TitleAndComments name={dynamicId.submissionId} creator="Quaternions" review={SubmissionStatus.Accepted} comments={[]}/>
                </section>
            </main>
        </Webpage>
 	)
-}
+}
--- a/web/src/app/submissions/_card.tsx
+++ b/web/src/app/submissions/_card.tsx
@@ -1,41 +0,0 @@
-import React from "react";
-import Image from "next/image";
-import Link from "next/link";
-import { Rating } from "@mui/material";
-
-interface SubmissionCardProps {
-	displayName: string;
-	assetId: number;
-	rating: number;
-	author: string;
-	id: number;
-}
-
-export default function SubmissionCard(props: SubmissionCardProps) {
-	return (
-		<Link href={`/submissions/${props.id}`}>
-			<div className="submissionCard">
-				<div className="content">
-					<div className="map-image">
-						{/* TODO: Grab image of model */}
-						<Image height={200} width={200} priority={true} src="https://api.ic3.space/strafe/map-images/11222350808" style={{ width: `100%` }} alt={props.displayName} />
-					</div>
-					<div className="details">
-						<div className="header">
-							<span className="displayName">{props.displayName}</span>
-							<div className="rating">
-								<Rating value={props.rating} readOnly size="small" />
-							</div>
-						</div>
-						<div className="footer">
-							<div className="author">
-								<Image className="avatar" width={28} height={28} priority={true} src="https://api.ic3.space/strafe/map-images/11222350808" alt={props.author}/>
-								<span>{props.author}</span>
-							</div>
-						</div>
-					</div>
-				</div>
-			</div>
-		</Link>
-	);
-}
--- a/web/src/app/submissions/_window.tsx
+++ b/web/src/app/submissions/_window.tsx
@@ -1,18 +0,0 @@
-interface WindowStruct {
-    children: React.ReactNode,
-    className: string,
-    title: string,
-}
-
-export default function Window(window: WindowStruct) {
-    return <section className={window.className}>
-        <header>
-            <p>{window.title}</p>
-        </header>
-        <main>{window.children}</main>
-    </section>
-}
-
-export {
-	type WindowStruct
-}
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
rhpidfyre	49da5f6eb1	web: use multi-stage building for the container file	2024-12-14 00:07:59 -05:00
rhpidfyre	f0c39f5837	web: remove all unnecessary junk from the container after building (experiment & saves ~2GBs)	2024-12-12 18:39:10 -05:00