@rebornteam/reborn-api 4.0.0 → 4.6.0

package/api.ts

@@ -4,7 +4,7 @@
  * Reborn API
  * The Reborn API serves as the central backend for the platform, orchestrating secure communication between game clients and data services. This API supports two authentication methods: - **OAuth 2.0 Client Credentials**: For programmatic API access - **Discord SSO Bearer Token**: For admin endpoints requiring Discord authentication 
  *
- * The version of the OpenAPI document: 4.0.0
+ * The version of the OpenAPI document: 4.6.0
  * 
  *
  * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
@@ -73,6 +73,69 @@ export interface AdminAltExemption {
      */
     'reason'?: string | null;
 }
+/**
+ * Alt-graph rooted at a player, walked out to the requested hop depth.
+ */
+export interface AdminAltGraph {
+    /**
+     * UUID of the focal player. Always appears in nodes at depth=0.
+     */
+    'rootUuid': string;
+    /**
+     * Maximum hop depth walked. Capped server-side at MAX_PROPAGATION_DEPTH.
+     */
+    'depth': number;
+    /**
+     * Every player reachable from the root within {@code depth} hops, including the root at depth=0.
+     */
+    'nodes': Array<AdminAltGraphNode>;
+    /**
+     * Undirected edges between any two players in nodes that share at least one non-promiscuous connection.
+     */
+    'edges': Array<AdminAltGraphEdge>;
+}
+/**
+ * Undirected edge in an alt-graph traversal.
+ */
+export interface AdminAltGraphEdge {
+    /**
+     * One endpoint of the edge
+     */
+    'fromUuid': string;
+    /**
+     * Other endpoint of the edge. The pair is emitted only once — the SQL ensures fromUuid < toUuid lexicographically.
+     */
+    'toUuid': string;
+    /**
+     * Number of distinct non-promiscuous connections these two players share. Drives edge thickness.
+     */
+    'sharedConnectionCount': number;
+}
+/**
+ * One player node in an alt-graph traversal.
+ */
+export interface AdminAltGraphNode {
+    /**
+     * Player Minecraft UUID
+     */
+    'uuid': string;
+    /**
+     * Most recently seen username, null if never resolved
+     */
+    'username'?: string | null;
+    /**
+     * Hop count from the focal player (0 = the focal player herself).
+     */
+    'depth': number;
+    /**
+     * Trust factor (0-100). Drives the node colour in the graph.
+     */
+    'trustFactor': number;
+    /**
+     * Whether this player currently has at least one active (non-revoked, non-expired) player_punishment row. Drives a red outline ring on the node.
+     */
+    'hasActivePunishment': boolean;
+}
 /**
  * Request to apply a punishment to one or more targets
  */
@@ -212,9 +275,26 @@ export interface AdminAsyncJob {
      * Identifier of the API instance that is running this job. Other instances can see state and request cancellation but cannot dispose the in-flight Reactor subscription directly.
      */
     'hostInstance': string;
+    /**
+     * Pointer to a CSV artifact emitted by this job, when one exists. Present only after the job marks COMPLETED and the artifact has been persisted. Download the CSV bytes via GET /admin/job/{id}/artifact.csv.
+     */
+    'artifact'?: AdminAsyncJobArtifactMeta | null;
 }
 
 
+/**
+ * Pointer to a job\'s CSV artifact. Present only when the job emitted one.
+ */
+export interface AdminAsyncJobArtifactMeta {
+    /**
+     * Number of data rows in the artifact (excluding the header).
+     */
+    'rowCount': number;
+    /**
+     * When the artifact was finalized (typically a few seconds after the job marked COMPLETED).
+     */
+    'createdAt': string;
+}
 /**
  * Acknowledgement returned by endpoints that submit an async job. The id is the polling target — GET /admin/job/{id} for status, DELETE /admin/job/{id} to cancel.
  */
@@ -850,6 +930,19 @@ export interface AdminPunishmentTarget {
      */
     'ipAddress'?: string | null;
 }
+/**
+ * Active DIRECT participants currently attached to a punishment.
+ */
+export interface AdminPunishmentTargets {
+    /**
+     * UUIDs of players with an active DIRECT player_punishment link to this punishment.
+     */
+    'playerUuids': Array<string>;
+    /**
+     * IPs of connections with a live connection_punishment row for this punishment.
+     */
+    'ipAddresses': Array<string>;
+}
 /**
  * One reported player attached to a report.
  */
@@ -997,7 +1090,7 @@ export interface AdminTrustFactorImpact {
     'projectedTrustFactor': number;
 }
 /**
- * Partial update for a punishment. Only reason / notes / expiresAt may be edited — severity is intentionally immutable to keep the punishment score deterministic.
+ * Partial update for a punishment. All fields are optional; omitted fields stay untouched.
  */
 export interface AdminUpdatePunishmentRequest {
     /**
@@ -1016,7 +1109,25 @@ export interface AdminUpdatePunishmentRequest {
      * When true, clears expiresAt (makes the punishment permanent). Takes precedence over expiresAt.
      */
     'forcePermanent'?: boolean | null;
+    /**
+     * Replace the punishment type (BAN/MUTE/KICK/WARNING). Affects trust factor retroactively.
+     */
+    'type'?: PunishmentType | null;
+    /**
+     * Replace the severity (1–4). Affects trust factor retroactively.
+     */
+    'severity'?: number | null;
+    /**
+     * Targets to ADD. Each entry has either a player UUID or an IP. UUID → new DIRECT player_punishment row. IP → new connection_punishment row.
+     */
+    'addTargets'?: Array<AdminPunishmentTarget> | null;
+    /**
+     * Targets to REMOVE. UUID → soft-revoke the DIRECT player_punishment link. IP → delete the connection_punishment row outright. PROPAGATED links are not affected by this endpoint.
+     */
+    'removeTargets'?: Array<AdminPunishmentTarget> | null;
 }
+
+
 /**
  * A single entry in a player\'s username history
  */
@@ -1426,6 +1537,43 @@ export interface PlayerSessionEndRequest {
      */
     'serverSessionId': string;
 }
+/**
+ * Result of POST /v1/player-session/end. Confirms whether a session was closed and returns that session\'s lifetime plus the player\'s refreshed aggregate stats.
+ */
+export interface PlayerSessionEndResponse {
+    /**
+     * Player Minecraft UUID, echoed from the request
+     */
+    'playerUuid': string;
+    /**
+     * Server session id the player was on, echoed from the request
+     */
+    'serverSessionId': string;
+    /**
+     * True when an active session was found and closed by this call; false on a no-op (no active session existed, e.g. a duplicate/retried end event).
+     */
+    'sessionClosed': boolean;
+    /**
+     * Id of the session that was closed. Null on a no-op.
+     */
+    'sessionId'?: string | null;
+    /**
+     * When the closed session was opened (ISO-8601). Null on a no-op.
+     */
+    'startedAt'?: string | null;
+    /**
+     * When the session was closed (ISO-8601), i.e. now. Null on a no-op.
+     */
+    'endedAt'?: string | null;
+    /**
+     * Length of the closed session in seconds (endedAt - startedAt). Null on a no-op.
+     */
+    'durationSeconds'?: number | null;
+    /**
+     * Player\'s aggregate session stats, recomputed after this session was closed (so the just-ended session is included in the totals).
+     */
+    'sessionStats': AdminPlayerSessionStats;
+}
 /**
  * Unified player-join request. Runs the full authorization check (VPN, bypass, punishments) and conditionally opens a player_session for the allowed players.
  */
@@ -3398,6 +3546,44 @@ export const AdminJobsApiAxiosParamCreator = function (configuration?: Configura
             await setBearerAuthToObject(localVarHeaderParameter, configuration)
 
 
+            setSearchParams(localVarUrlObj, localVarQueryParameter);
+            let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {};
+            localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers};
+
+            return {
+                url: toPathString(localVarUrlObj),
+                options: localVarRequestOptions,
+            };
+        },
+        /**
+         * Returns the CSV emitted by the job — typically one row per record the job touched. The first line is a header; subsequent lines are RFC-4180 escaped data rows. 404 when the job has no artifact (either it didn\'t emit one, or it hasn\'t finished yet).
+         * @summary Download a job\'s CSV artifact
+         * @param {string} id Job id
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        downloadArtifact: async (id: string, options: RawAxiosRequestConfig = {}): Promise<RequestArgs> => {
+            // verify required parameter 'id' is not null or undefined
+            assertParamExists('downloadArtifact', 'id', id)
+            const localVarPath = `/admin/job/{id}/artifact.csv`
+                .replace(`{${"id"}}`, encodeURIComponent(String(id)));
+            // use dummy base URL string because the URL constructor only accepts absolute URLs.
+            const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL);
+            let baseOptions;
+            if (configuration) {
+                baseOptions = configuration.baseOptions;
+            }
+
+            const localVarRequestOptions = { method: 'GET', ...baseOptions, ...options};
+            const localVarHeaderParameter = {} as any;
+            const localVarQueryParameter = {} as any;
+
+            // authentication DiscordAuth required
+            // http bearer authentication required
+            await setBearerAuthToObject(localVarHeaderParameter, configuration)
+
+            localVarHeaderParameter['Accept'] = 'text/csv';
+
             setSearchParams(localVarUrlObj, localVarQueryParameter);
             let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {};
             localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers};
@@ -3513,6 +3699,19 @@ export const AdminJobsApiFp = function(configuration?: Configuration) {
             const localVarOperationServerBasePath = operationServerMap['AdminJobsApi.cancel']?.[localVarOperationServerIndex]?.url;
             return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
         },
+        /**
+         * Returns the CSV emitted by the job — typically one row per record the job touched. The first line is a header; subsequent lines are RFC-4180 escaped data rows. 404 when the job has no artifact (either it didn\'t emit one, or it hasn\'t finished yet).
+         * @summary Download a job\'s CSV artifact
+         * @param {string} id Job id
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        async downloadArtifact(id: string, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<string>> {
+            const localVarAxiosArgs = await localVarAxiosParamCreator.downloadArtifact(id, options);
+            const localVarOperationServerIndex = configuration?.serverIndex ?? 0;
+            const localVarOperationServerBasePath = operationServerMap['AdminJobsApi.downloadArtifact']?.[localVarOperationServerIndex]?.url;
+            return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
+        },
         /**
          * The polling target — the admin UI hits this every ~2 s while a job is running to update its progress bar.
          * @summary Get one async job
@@ -3559,6 +3758,16 @@ export const AdminJobsApiFactory = function (configuration?: Configuration, base
         cancel(id: string, options?: RawAxiosRequestConfig): AxiosPromise<void> {
             return localVarFp.cancel(id, options).then((request) => request(axios, basePath));
         },
+        /**
+         * Returns the CSV emitted by the job — typically one row per record the job touched. The first line is a header; subsequent lines are RFC-4180 escaped data rows. 404 when the job has no artifact (either it didn\'t emit one, or it hasn\'t finished yet).
+         * @summary Download a job\'s CSV artifact
+         * @param {string} id Job id
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        downloadArtifact(id: string, options?: RawAxiosRequestConfig): AxiosPromise<string> {
+            return localVarFp.downloadArtifact(id, options).then((request) => request(axios, basePath));
+        },
         /**
          * The polling target — the admin UI hits this every ~2 s while a job is running to update its progress bar.
          * @summary Get one async job
@@ -3598,6 +3807,17 @@ export class AdminJobsApi extends BaseAPI {
         return AdminJobsApiFp(this.configuration).cancel(id, options).then((request) => request(this.axios, this.basePath));
     }
 
+    /**
+     * Returns the CSV emitted by the job — typically one row per record the job touched. The first line is a header; subsequent lines are RFC-4180 escaped data rows. 404 when the job has no artifact (either it didn\'t emit one, or it hasn\'t finished yet).
+     * @summary Download a job\'s CSV artifact
+     * @param {string} id Job id
+     * @param {*} [options] Override http request option.
+     * @throws {RequiredError}
+     */
+    public downloadArtifact(id: string, options?: RawAxiosRequestConfig) {
+        return AdminJobsApiFp(this.configuration).downloadArtifact(id, options).then((request) => request(this.axios, this.basePath));
+    }
+
     /**
      * The polling target — the admin UI hits this every ~2 s while a job is running to update its progress bar.
      * @summary Get one async job
@@ -3671,6 +3891,40 @@ export const AdminPlayersApiAxiosParamCreator = function (configuration?: Config
                 options: localVarRequestOptions,
             };
         },
+        /**
+         * Submits an async job that walks every player row whose username is NULL and calls the Mojang profile API to resolve it. The job upserts both the player.username column and a player_username_history row. Returns immediately with a job id — poll GET /admin/job/{id} for progress and DELETE /admin/job/{id} to cancel. The final Admin_BackfillUsernamesResponse (processed/succeeded/failed counts) lands in the job\'s result_payload on COMPLETED. Mojang rate-limits at ~1 req/sec; a backfill of many rows can run for a while — cancel is honoured between rows.
+         * @summary Start a username backfill job
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        backfillUsernames: async (options: RawAxiosRequestConfig = {}): Promise<RequestArgs> => {
+            const localVarPath = `/admin/player/backfill-usernames`;
+            // use dummy base URL string because the URL constructor only accepts absolute URLs.
+            const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL);
+            let baseOptions;
+            if (configuration) {
+                baseOptions = configuration.baseOptions;
+            }
+
+            const localVarRequestOptions = { method: 'POST', ...baseOptions, ...options};
+            const localVarHeaderParameter = {} as any;
+            const localVarQueryParameter = {} as any;
+
+            // authentication DiscordAuth required
+            // http bearer authentication required
+            await setBearerAuthToObject(localVarHeaderParameter, configuration)
+
+            localVarHeaderParameter['Accept'] = 'application/json';
+
+            setSearchParams(localVarUrlObj, localVarQueryParameter);
+            let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {};
+            localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers};
+
+            return {
+                url: toPathString(localVarUrlObj),
+                options: localVarRequestOptions,
+            };
+        },
         /**
          * Soft-revokes every currently active PROPAGATED player_punishment row whose source matches the supplied id. Exactly one of sourcePlayerId / sourceConnectionId must be set. Useful when staff identify a single source as a false positive (e.g. shared NAT, legitimate roommate) and want to undo every link it caused in one operation.
          * @summary Bulk-revoke PROPAGATED links by source
@@ -3785,6 +4039,49 @@ export const AdminPlayersApiAxiosParamCreator = function (configuration?: Config
             await setBearerAuthToObject(localVarHeaderParameter, configuration)
 
 
+            setSearchParams(localVarUrlObj, localVarQueryParameter);
+            let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {};
+            localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers};
+
+            return {
+                url: toPathString(localVarUrlObj),
+                options: localVarRequestOptions,
+            };
+        },
+        /**
+         * Returns the connection-shared player graph reachable from this player within {depth} hops. Mirrors the propagation walk used by ALT_PROPAGATION_SWEEP — promiscuous (likely shared-NAT) connections are pruned, alt-exemption rows cut the graph at exempted players. Depth is clamped server-side at 5. Used by the admin Graph tab to render an interactive explorer.
+         * @summary Alt-graph traversal rooted at a player
+         * @param {string} uuid Player Minecraft UUID
+         * @param {number} [depth] Hop depth to walk. 1&#x3D;direct alts only; 5&#x3D;full sticky-trap radius. Default 2.
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        getAltGraph: async (uuid: string, depth?: number, options: RawAxiosRequestConfig = {}): Promise<RequestArgs> => {
+            // verify required parameter 'uuid' is not null or undefined
+            assertParamExists('getAltGraph', 'uuid', uuid)
+            const localVarPath = `/admin/player/{uuid}/alt-graph`
+                .replace(`{${"uuid"}}`, encodeURIComponent(String(uuid)));
+            // use dummy base URL string because the URL constructor only accepts absolute URLs.
+            const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL);
+            let baseOptions;
+            if (configuration) {
+                baseOptions = configuration.baseOptions;
+            }
+
+            const localVarRequestOptions = { method: 'GET', ...baseOptions, ...options};
+            const localVarHeaderParameter = {} as any;
+            const localVarQueryParameter = {} as any;
+
+            // authentication DiscordAuth required
+            // http bearer authentication required
+            await setBearerAuthToObject(localVarHeaderParameter, configuration)
+
+            if (depth !== undefined) {
+                localVarQueryParameter['depth'] = depth;
+            }
+
+            localVarHeaderParameter['Accept'] = 'application/json';
+
             setSearchParams(localVarUrlObj, localVarQueryParameter);
             let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {};
             localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers};
@@ -4415,6 +4712,18 @@ export const AdminPlayersApiFp = function(configuration?: Configuration) {
             const localVarOperationServerBasePath = operationServerMap['AdminPlayersApi.addAltExemption']?.[localVarOperationServerIndex]?.url;
             return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
         },
+        /**
+         * Submits an async job that walks every player row whose username is NULL and calls the Mojang profile API to resolve it. The job upserts both the player.username column and a player_username_history row. Returns immediately with a job id — poll GET /admin/job/{id} for progress and DELETE /admin/job/{id} to cancel. The final Admin_BackfillUsernamesResponse (processed/succeeded/failed counts) lands in the job\'s result_payload on COMPLETED. Mojang rate-limits at ~1 req/sec; a backfill of many rows can run for a while — cancel is honoured between rows.
+         * @summary Start a username backfill job
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        async backfillUsernames(options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<AdminAsyncJobStartResponse>> {
+            const localVarAxiosArgs = await localVarAxiosParamCreator.backfillUsernames(options);
+            const localVarOperationServerIndex = configuration?.serverIndex ?? 0;
+            const localVarOperationServerBasePath = operationServerMap['AdminPlayersApi.backfillUsernames']?.[localVarOperationServerIndex]?.url;
+            return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
+        },
         /**
          * Soft-revokes every currently active PROPAGATED player_punishment row whose source matches the supplied id. Exactly one of sourcePlayerId / sourceConnectionId must be set. Useful when staff identify a single source as a false positive (e.g. shared NAT, legitimate roommate) and want to undo every link it caused in one operation.
          * @summary Bulk-revoke PROPAGATED links by source
@@ -4456,6 +4765,20 @@ export const AdminPlayersApiFp = function(configuration?: Configuration) {
             const localVarOperationServerBasePath = operationServerMap['AdminPlayersApi.deletePlayerNote']?.[localVarOperationServerIndex]?.url;
             return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
         },
+        /**
+         * Returns the connection-shared player graph reachable from this player within {depth} hops. Mirrors the propagation walk used by ALT_PROPAGATION_SWEEP — promiscuous (likely shared-NAT) connections are pruned, alt-exemption rows cut the graph at exempted players. Depth is clamped server-side at 5. Used by the admin Graph tab to render an interactive explorer.
+         * @summary Alt-graph traversal rooted at a player
+         * @param {string} uuid Player Minecraft UUID
+         * @param {number} [depth] Hop depth to walk. 1&#x3D;direct alts only; 5&#x3D;full sticky-trap radius. Default 2.
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        async getAltGraph(uuid: string, depth?: number, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<AdminAltGraph>> {
+            const localVarAxiosArgs = await localVarAxiosParamCreator.getAltGraph(uuid, depth, options);
+            const localVarOperationServerIndex = configuration?.serverIndex ?? 0;
+            const localVarOperationServerBasePath = operationServerMap['AdminPlayersApi.getAltGraph']?.[localVarOperationServerIndex]?.url;
+            return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
+        },
         /**
          * Returns full detail for a single player including all known usernames and punishment scoring.
          * @summary Get player detail
@@ -4669,6 +4992,15 @@ export const AdminPlayersApiFactory = function (configuration?: Configuration, b
         addAltExemption(uuid: string, adminCreateAltExemptionRequest: AdminCreateAltExemptionRequest, options?: RawAxiosRequestConfig): AxiosPromise<void> {
             return localVarFp.addAltExemption(uuid, adminCreateAltExemptionRequest, options).then((request) => request(axios, basePath));
         },
+        /**
+         * Submits an async job that walks every player row whose username is NULL and calls the Mojang profile API to resolve it. The job upserts both the player.username column and a player_username_history row. Returns immediately with a job id — poll GET /admin/job/{id} for progress and DELETE /admin/job/{id} to cancel. The final Admin_BackfillUsernamesResponse (processed/succeeded/failed counts) lands in the job\'s result_payload on COMPLETED. Mojang rate-limits at ~1 req/sec; a backfill of many rows can run for a while — cancel is honoured between rows.
+         * @summary Start a username backfill job
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        backfillUsernames(options?: RawAxiosRequestConfig): AxiosPromise<AdminAsyncJobStartResponse> {
+            return localVarFp.backfillUsernames(options).then((request) => request(axios, basePath));
+        },
         /**
          * Soft-revokes every currently active PROPAGATED player_punishment row whose source matches the supplied id. Exactly one of sourcePlayerId / sourceConnectionId must be set. Useful when staff identify a single source as a false positive (e.g. shared NAT, legitimate roommate) and want to undo every link it caused in one operation.
          * @summary Bulk-revoke PROPAGATED links by source
@@ -4701,6 +5033,17 @@ export const AdminPlayersApiFactory = function (configuration?: Configuration, b
         deletePlayerNote(uuid: string, noteId: number, options?: RawAxiosRequestConfig): AxiosPromise<void> {
             return localVarFp.deletePlayerNote(uuid, noteId, options).then((request) => request(axios, basePath));
         },
+        /**
+         * Returns the connection-shared player graph reachable from this player within {depth} hops. Mirrors the propagation walk used by ALT_PROPAGATION_SWEEP — promiscuous (likely shared-NAT) connections are pruned, alt-exemption rows cut the graph at exempted players. Depth is clamped server-side at 5. Used by the admin Graph tab to render an interactive explorer.
+         * @summary Alt-graph traversal rooted at a player
+         * @param {string} uuid Player Minecraft UUID
+         * @param {number} [depth] Hop depth to walk. 1&#x3D;direct alts only; 5&#x3D;full sticky-trap radius. Default 2.
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        getAltGraph(uuid: string, depth?: number, options?: RawAxiosRequestConfig): AxiosPromise<AdminAltGraph> {
+            return localVarFp.getAltGraph(uuid, depth, options).then((request) => request(axios, basePath));
+        },
         /**
          * Returns full detail for a single player including all known usernames and punishment scoring.
          * @summary Get player detail
@@ -4871,6 +5214,16 @@ export class AdminPlayersApi extends BaseAPI {
         return AdminPlayersApiFp(this.configuration).addAltExemption(uuid, adminCreateAltExemptionRequest, options).then((request) => request(this.axios, this.basePath));
     }
 
+    /**
+     * Submits an async job that walks every player row whose username is NULL and calls the Mojang profile API to resolve it. The job upserts both the player.username column and a player_username_history row. Returns immediately with a job id — poll GET /admin/job/{id} for progress and DELETE /admin/job/{id} to cancel. The final Admin_BackfillUsernamesResponse (processed/succeeded/failed counts) lands in the job\'s result_payload on COMPLETED. Mojang rate-limits at ~1 req/sec; a backfill of many rows can run for a while — cancel is honoured between rows.
+     * @summary Start a username backfill job
+     * @param {*} [options] Override http request option.
+     * @throws {RequiredError}
+     */
+    public backfillUsernames(options?: RawAxiosRequestConfig) {
+        return AdminPlayersApiFp(this.configuration).backfillUsernames(options).then((request) => request(this.axios, this.basePath));
+    }
+
     /**
      * Soft-revokes every currently active PROPAGATED player_punishment row whose source matches the supplied id. Exactly one of sourcePlayerId / sourceConnectionId must be set. Useful when staff identify a single source as a false positive (e.g. shared NAT, legitimate roommate) and want to undo every link it caused in one operation.
      * @summary Bulk-revoke PROPAGATED links by source
@@ -4906,6 +5259,18 @@ export class AdminPlayersApi extends BaseAPI {
         return AdminPlayersApiFp(this.configuration).deletePlayerNote(uuid, noteId, options).then((request) => request(this.axios, this.basePath));
     }
 
+    /**
+     * Returns the connection-shared player graph reachable from this player within {depth} hops. Mirrors the propagation walk used by ALT_PROPAGATION_SWEEP — promiscuous (likely shared-NAT) connections are pruned, alt-exemption rows cut the graph at exempted players. Depth is clamped server-side at 5. Used by the admin Graph tab to render an interactive explorer.
+     * @summary Alt-graph traversal rooted at a player
+     * @param {string} uuid Player Minecraft UUID
+     * @param {number} [depth] Hop depth to walk. 1&#x3D;direct alts only; 5&#x3D;full sticky-trap radius. Default 2.
+     * @param {*} [options] Override http request option.
+     * @throws {RequiredError}
+     */
+    public getAltGraph(uuid: string, depth?: number, options?: RawAxiosRequestConfig) {
+        return AdminPlayersApiFp(this.configuration).getAltGraph(uuid, depth, options).then((request) => request(this.axios, this.basePath));
+    }
+
     /**
      * Returns full detail for a single player including all known usernames and punishment scoring.
      * @summary Get player detail
@@ -5199,6 +5564,44 @@ export const AdminPunishmentsApiAxiosParamCreator = function (configuration?: Co
                 options: localVarRequestOptions,
             };
         },
+        /**
+         * Returns the active DIRECT player_punishment UUIDs and the live connection_punishment IPs for a punishment. Used by the admin edit dialog to render the editable participant list. PROPAGATED links are excluded — they\'re an enforcement detail, not part of \'who the admin attached to this punishment\'.
+         * @summary List a punishment\'s current participants
+         * @param {number} id Punishment id
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        getPunishmentTargets: async (id: number, options: RawAxiosRequestConfig = {}): Promise<RequestArgs> => {
+            // verify required parameter 'id' is not null or undefined
+            assertParamExists('getPunishmentTargets', 'id', id)
+            const localVarPath = `/admin/punishment/{id}/targets`
+                .replace(`{${"id"}}`, encodeURIComponent(String(id)));
+            // use dummy base URL string because the URL constructor only accepts absolute URLs.
+            const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL);
+            let baseOptions;
+            if (configuration) {
+                baseOptions = configuration.baseOptions;
+            }
+
+            const localVarRequestOptions = { method: 'GET', ...baseOptions, ...options};
+            const localVarHeaderParameter = {} as any;
+            const localVarQueryParameter = {} as any;
+
+            // authentication DiscordAuth required
+            // http bearer authentication required
+            await setBearerAuthToObject(localVarHeaderParameter, configuration)
+
+            localVarHeaderParameter['Accept'] = 'application/json';
+
+            setSearchParams(localVarUrlObj, localVarQueryParameter);
+            let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {};
+            localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers};
+
+            return {
+                url: toPathString(localVarUrlObj),
+                options: localVarRequestOptions,
+            };
+        },
         /**
          * Returns a paginated list of punishments with optional filtering by player UUID, username, IP address, type, and date range.
          * @summary List punishments
@@ -5270,6 +5673,40 @@ export const AdminPunishmentsApiAxiosParamCreator = function (configuration?: Co
                 options: localVarRequestOptions,
             };
         },
+        /**
+         * Submits an async job that walks every player and re-runs the aggressive-mode propagation logic (tier-1 own-IP plus tier-2 alt-driven). Useful after toggling aggressive-mode on, or after a propagation-rule change, to backfill PROPAGATED player_punishment rows that would otherwise only appear on each player\'s next login. Idempotent — ON CONFLICT DO NOTHING. Returns immediately with a job id; poll GET /admin/job/{id} for progress and DELETE /admin/job/{id} to cancel.
+         * @summary Start an alt-propagation sweep job
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        propagationSweep: async (options: RawAxiosRequestConfig = {}): Promise<RequestArgs> => {
+            const localVarPath = `/admin/punishment/propagation-sweep`;
+            // use dummy base URL string because the URL constructor only accepts absolute URLs.
+            const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL);
+            let baseOptions;
+            if (configuration) {
+                baseOptions = configuration.baseOptions;
+            }
+
+            const localVarRequestOptions = { method: 'POST', ...baseOptions, ...options};
+            const localVarHeaderParameter = {} as any;
+            const localVarQueryParameter = {} as any;
+
+            // authentication DiscordAuth required
+            // http bearer authentication required
+            await setBearerAuthToObject(localVarHeaderParameter, configuration)
+
+            localVarHeaderParameter['Accept'] = 'application/json';
+
+            setSearchParams(localVarUrlObj, localVarQueryParameter);
+            let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {};
+            localVarRequestOptions.headers = {...localVarHeaderParameter, ...headersFromBaseOptions, ...options.headers};
+
+            return {
+                url: toPathString(localVarUrlObj),
+                options: localVarRequestOptions,
+            };
+        },
         /**
          * Search for players by UUID or username, or look up all players associated with an IP address.
          * @summary Search punishment targets
@@ -5360,6 +5797,19 @@ export const AdminPunishmentsApiFp = function(configuration?: Configuration) {
             const localVarOperationServerBasePath = operationServerMap['AdminPunishmentsApi.editPunishment']?.[localVarOperationServerIndex]?.url;
             return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
         },
+        /**
+         * Returns the active DIRECT player_punishment UUIDs and the live connection_punishment IPs for a punishment. Used by the admin edit dialog to render the editable participant list. PROPAGATED links are excluded — they\'re an enforcement detail, not part of \'who the admin attached to this punishment\'.
+         * @summary List a punishment\'s current participants
+         * @param {number} id Punishment id
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        async getPunishmentTargets(id: number, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<AdminPunishmentTargets>> {
+            const localVarAxiosArgs = await localVarAxiosParamCreator.getPunishmentTargets(id, options);
+            const localVarOperationServerIndex = configuration?.serverIndex ?? 0;
+            const localVarOperationServerBasePath = operationServerMap['AdminPunishmentsApi.getPunishmentTargets']?.[localVarOperationServerIndex]?.url;
+            return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
+        },
         /**
          * Returns a paginated list of punishments with optional filtering by player UUID, username, IP address, type, and date range.
          * @summary List punishments
@@ -5379,6 +5829,18 @@ export const AdminPunishmentsApiFp = function(configuration?: Configuration) {
             const localVarOperationServerBasePath = operationServerMap['AdminPunishmentsApi.getPunishments']?.[localVarOperationServerIndex]?.url;
             return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
         },
+        /**
+         * Submits an async job that walks every player and re-runs the aggressive-mode propagation logic (tier-1 own-IP plus tier-2 alt-driven). Useful after toggling aggressive-mode on, or after a propagation-rule change, to backfill PROPAGATED player_punishment rows that would otherwise only appear on each player\'s next login. Idempotent — ON CONFLICT DO NOTHING. Returns immediately with a job id; poll GET /admin/job/{id} for progress and DELETE /admin/job/{id} to cancel.
+         * @summary Start an alt-propagation sweep job
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        async propagationSweep(options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<AdminAsyncJobStartResponse>> {
+            const localVarAxiosArgs = await localVarAxiosParamCreator.propagationSweep(options);
+            const localVarOperationServerIndex = configuration?.serverIndex ?? 0;
+            const localVarOperationServerBasePath = operationServerMap['AdminPunishmentsApi.propagationSweep']?.[localVarOperationServerIndex]?.url;
+            return (axios, basePath) => createRequestFunction(localVarAxiosArgs, globalAxios, BASE_PATH, configuration)(axios, localVarOperationServerBasePath || basePath);
+        },
         /**
          * Search for players by UUID or username, or look up all players associated with an IP address.
          * @summary Search punishment targets
@@ -5432,6 +5894,16 @@ export const AdminPunishmentsApiFactory = function (configuration?: Configuratio
         editPunishment(id: number, adminUpdatePunishmentRequest: AdminUpdatePunishmentRequest, options?: RawAxiosRequestConfig): AxiosPromise<void> {
             return localVarFp.editPunishment(id, adminUpdatePunishmentRequest, options).then((request) => request(axios, basePath));
         },
+        /**
+         * Returns the active DIRECT player_punishment UUIDs and the live connection_punishment IPs for a punishment. Used by the admin edit dialog to render the editable participant list. PROPAGATED links are excluded — they\'re an enforcement detail, not part of \'who the admin attached to this punishment\'.
+         * @summary List a punishment\'s current participants
+         * @param {number} id Punishment id
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        getPunishmentTargets(id: number, options?: RawAxiosRequestConfig): AxiosPromise<AdminPunishmentTargets> {
+            return localVarFp.getPunishmentTargets(id, options).then((request) => request(axios, basePath));
+        },
         /**
          * Returns a paginated list of punishments with optional filtering by player UUID, username, IP address, type, and date range.
          * @summary List punishments
@@ -5448,6 +5920,15 @@ export const AdminPunishmentsApiFactory = function (configuration?: Configuratio
         getPunishments(pageable: Pageable, uuid?: string | null, username?: string | null, ipAddress?: string | null, type?: Array<PunishmentType> | null, issuedAfter?: number | null, issuedBefore?: number | null, options?: RawAxiosRequestConfig): AxiosPromise<PageAdminPunishmentListItem> {
             return localVarFp.getPunishments(pageable, uuid, username, ipAddress, type, issuedAfter, issuedBefore, options).then((request) => request(axios, basePath));
         },
+        /**
+         * Submits an async job that walks every player and re-runs the aggressive-mode propagation logic (tier-1 own-IP plus tier-2 alt-driven). Useful after toggling aggressive-mode on, or after a propagation-rule change, to backfill PROPAGATED player_punishment rows that would otherwise only appear on each player\'s next login. Idempotent — ON CONFLICT DO NOTHING. Returns immediately with a job id; poll GET /admin/job/{id} for progress and DELETE /admin/job/{id} to cancel.
+         * @summary Start an alt-propagation sweep job
+         * @param {*} [options] Override http request option.
+         * @throws {RequiredError}
+         */
+        propagationSweep(options?: RawAxiosRequestConfig): AxiosPromise<AdminAsyncJobStartResponse> {
+            return localVarFp.propagationSweep(options).then((request) => request(axios, basePath));
+        },
         /**
          * Search for players by UUID or username, or look up all players associated with an IP address.
          * @summary Search punishment targets
@@ -5499,6 +5980,17 @@ export class AdminPunishmentsApi extends BaseAPI {
         return AdminPunishmentsApiFp(this.configuration).editPunishment(id, adminUpdatePunishmentRequest, options).then((request) => request(this.axios, this.basePath));
     }
 
+    /**
+     * Returns the active DIRECT player_punishment UUIDs and the live connection_punishment IPs for a punishment. Used by the admin edit dialog to render the editable participant list. PROPAGATED links are excluded — they\'re an enforcement detail, not part of \'who the admin attached to this punishment\'.
+     * @summary List a punishment\'s current participants
+     * @param {number} id Punishment id
+     * @param {*} [options] Override http request option.
+     * @throws {RequiredError}
+     */
+    public getPunishmentTargets(id: number, options?: RawAxiosRequestConfig) {
+        return AdminPunishmentsApiFp(this.configuration).getPunishmentTargets(id, options).then((request) => request(this.axios, this.basePath));
+    }
+
     /**
      * Returns a paginated list of punishments with optional filtering by player UUID, username, IP address, type, and date range.
      * @summary List punishments
@@ -5516,6 +6008,16 @@ export class AdminPunishmentsApi extends BaseAPI {
         return AdminPunishmentsApiFp(this.configuration).getPunishments(pageable, uuid, username, ipAddress, type, issuedAfter, issuedBefore, options).then((request) => request(this.axios, this.basePath));
     }
 
+    /**
+     * Submits an async job that walks every player and re-runs the aggressive-mode propagation logic (tier-1 own-IP plus tier-2 alt-driven). Useful after toggling aggressive-mode on, or after a propagation-rule change, to backfill PROPAGATED player_punishment rows that would otherwise only appear on each player\'s next login. Idempotent — ON CONFLICT DO NOTHING. Returns immediately with a job id; poll GET /admin/job/{id} for progress and DELETE /admin/job/{id} to cancel.
+     * @summary Start an alt-propagation sweep job
+     * @param {*} [options] Override http request option.
+     * @throws {RequiredError}
+     */
+    public propagationSweep(options?: RawAxiosRequestConfig) {
+        return AdminPunishmentsApiFp(this.configuration).propagationSweep(options).then((request) => request(this.axios, this.basePath));
+    }
+
     /**
      * Search for players by UUID or username, or look up all players associated with an IP address.
      * @summary Search punishment targets
@@ -6573,7 +7075,7 @@ export class PlayerApi extends BaseAPI {
 export const PlayerSessionsApiAxiosParamCreator = function (configuration?: Configuration) {
     return {
         /**
-         * Closes the active session for a (playerUuid, serverSessionId) pair. No-op if no active session is found, so duplicate end events from a retry don\'t error.
+         * Closes the active session for a (playerUuid, serverSessionId) pair and returns an acknowledgment: whether a session was actually closed, that session\'s start / end / duration, and the player\'s aggregate session stats recomputed after the close. No-op if no active session is found — `sessionClosed` is false and the per-session fields are null (stats are still returned) — so duplicate end events from a retry don\'t error.
          * @summary Close the active player session
          * @param {PlayerSessionEndRequest} playerSessionEndRequest 
          * @param {*} [options] Override http request option.
@@ -6599,6 +7101,7 @@ export const PlayerSessionsApiAxiosParamCreator = function (configuration?: Conf
             await setBearerAuthToObject(localVarHeaderParameter, configuration)
 
             localVarHeaderParameter['Content-Type'] = 'application/json';
+            localVarHeaderParameter['Accept'] = 'application/json';
 
             setSearchParams(localVarUrlObj, localVarQueryParameter);
             let headersFromBaseOptions = baseOptions && baseOptions.headers ? baseOptions.headers : {};
@@ -6659,13 +7162,13 @@ export const PlayerSessionsApiFp = function(configuration?: Configuration) {
     const localVarAxiosParamCreator = PlayerSessionsApiAxiosParamCreator(configuration)
     return {
         /**
-         * Closes the active session for a (playerUuid, serverSessionId) pair. No-op if no active session is found, so duplicate end events from a retry don\'t error.
+         * Closes the active session for a (playerUuid, serverSessionId) pair and returns an acknowledgment: whether a session was actually closed, that session\'s start / end / duration, and the player\'s aggregate session stats recomputed after the close. No-op if no active session is found — `sessionClosed` is false and the per-session fields are null (stats are still returned) — so duplicate end events from a retry don\'t error.
          * @summary Close the active player session
          * @param {PlayerSessionEndRequest} playerSessionEndRequest 
          * @param {*} [options] Override http request option.
          * @throws {RequiredError}
          */
-        async end(playerSessionEndRequest: PlayerSessionEndRequest, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<void>> {
+        async end(playerSessionEndRequest: PlayerSessionEndRequest, options?: RawAxiosRequestConfig): Promise<(axios?: AxiosInstance, basePath?: string) => AxiosPromise<PlayerSessionEndResponse>> {
             const localVarAxiosArgs = await localVarAxiosParamCreator.end(playerSessionEndRequest, options);
             const localVarOperationServerIndex = configuration?.serverIndex ?? 0;
             const localVarOperationServerBasePath = operationServerMap['PlayerSessionsApi.end']?.[localVarOperationServerIndex]?.url;
@@ -6694,13 +7197,13 @@ export const PlayerSessionsApiFactory = function (configuration?: Configuration,
     const localVarFp = PlayerSessionsApiFp(configuration)
     return {
         /**
-         * Closes the active session for a (playerUuid, serverSessionId) pair. No-op if no active session is found, so duplicate end events from a retry don\'t error.
+         * Closes the active session for a (playerUuid, serverSessionId) pair and returns an acknowledgment: whether a session was actually closed, that session\'s start / end / duration, and the player\'s aggregate session stats recomputed after the close. No-op if no active session is found — `sessionClosed` is false and the per-session fields are null (stats are still returned) — so duplicate end events from a retry don\'t error.
          * @summary Close the active player session
          * @param {PlayerSessionEndRequest} playerSessionEndRequest 
          * @param {*} [options] Override http request option.
          * @throws {RequiredError}
          */
-        end(playerSessionEndRequest: PlayerSessionEndRequest, options?: RawAxiosRequestConfig): AxiosPromise<void> {
+        end(playerSessionEndRequest: PlayerSessionEndRequest, options?: RawAxiosRequestConfig): AxiosPromise<PlayerSessionEndResponse> {
             return localVarFp.end(playerSessionEndRequest, options).then((request) => request(axios, basePath));
         },
         /**
@@ -6721,7 +7224,7 @@ export const PlayerSessionsApiFactory = function (configuration?: Configuration,
  */
 export class PlayerSessionsApi extends BaseAPI {
     /**
-     * Closes the active session for a (playerUuid, serverSessionId) pair. No-op if no active session is found, so duplicate end events from a retry don\'t error.
+     * Closes the active session for a (playerUuid, serverSessionId) pair and returns an acknowledgment: whether a session was actually closed, that session\'s start / end / duration, and the player\'s aggregate session stats recomputed after the close. No-op if no active session is found — `sessionClosed` is false and the per-session fields are null (stats are still returned) — so duplicate end events from a retry don\'t error.
      * @summary Close the active player session
      * @param {PlayerSessionEndRequest} playerSessionEndRequest 
      * @param {*} [options] Override http request option.