working commit

2026-02-21 12:31:39 +02:00
parent 3220e2d78f
commit cd37a4508c
37 changed files with 354 additions and 319 deletions
@@ -90,7 +90,7 @@ EXTRA_mstored_SOURCES = \
 	pkg/auxtool/tmpfile.go \
 	pkg/auxtool/unixnow.go \
 	pkg/auxutar/utar.go \
-	pkg/uuid/uuid.go \
+	pkg/auxuuid/uuid.go \
 	pkg/auxx509/x509cert.go \
 	pkg/client/account.go \
 	pkg/client/client.go \
@@ -385,7 +385,7 @@ EXTRA_mstored_SOURCES = \
 	pkg/auxtool/tmpfile.go \
 	pkg/auxtool/unixnow.go \
 	pkg/auxutar/utar.go \
-	pkg/uuid/uuid.go \
+	pkg/auxuuid/uuid.go \
 	pkg/auxx509/x509cert.go \
 	pkg/client/account.go \
 	pkg/client/client.go \
@@ -18,7 +18,6 @@ import (
 	"mstore/pkg/auxhttp"
 	"mstore/pkg/auxpwd"
 	"mstore/pkg/term"
-	"mstore/pkg/auxid"
 )

 const (
@@ -44,12 +43,12 @@ func (hand *Handler) AuthMiddleware(next router.Handler) router.Handler {
 }

 // Authentification
-func (hand *Handler) CheckAccess(rctx *router.Context) (bool, uint64, error) {
+func (hand *Handler) CheckAccess(rctx *router.Context) (bool, string, error) {
 	var err error
 	var success bool
 	var username string
 	var password string
-	var accountID uint64
+	var accountID string

 	accountID = term.AnonymousID

@@ -80,9 +79,9 @@ anonymous:
 	return success, accountID, err
 }

-func (hand *Handler) ValidatePassword(ctx context.Context, username, password string) (bool, uint64, error) {
+func (hand *Handler) ValidatePassword(ctx context.Context, username, password string) (bool, string, error) {
 	var err error
-	var accountID uint64
+	var accountID string
 	valid := false

 	accountExists, accountDescr, err := hand.mdb.GetAccountByUsername(ctx, username)
@@ -102,7 +101,7 @@ func (hand *Handler) ValidatePassword(ctx context.Context, username, password st

 // Authorization

-func (hand *Handler) CheckRight(ctx context.Context, accountID uint64, reqRight term.Right, subject string) (bool, error) {
+func (hand *Handler) CheckRight(ctx context.Context, accountID, reqRight, subject string) (bool, error) {
 	var err error
 	var res bool
 	//hand.logg.Debugf("Cop check your right %s: %s %s", accountID, reqRight, subject)
@@ -15,7 +15,6 @@ import (
 	"mstore/app/operator"
 	"mstore/app/router"
 	"mstore/pkg/term"
-	"mstore/pkg/auxid"
 )

 // POST /v3/account/create 200 200
@@ -30,7 +29,7 @@ func (hand *Handler) CreateAccount(rctx *router.Context) {
 	}
 	// Rigth checking
 	operatorID, _ := rctx.GetString(userTag)
-	opEnable, err := hand.CheckRight(rctx.Ctx, uint64(operatorID), term.RightWriteAccounts, "")
+	opEnable, err := hand.CheckRight(rctx.Ctx, operatorID, term.RightWriteAccounts, "")
 	if err != nil {
 		err := fmt.Errorf("Operation error: %v", err)
 		hand.SendError(rctx, err)
@@ -42,7 +41,7 @@ func (hand *Handler) CreateAccount(rctx *router.Context) {
 		return
 	}
 	// Execution of the operation
-	res, err := hand.oper.CreateAccount(rctx.Ctx, uint64(operatorID), params)
+	res, err := hand.oper.CreateAccount(rctx.Ctx, operatorID, params)
 	if err != nil {
 		hand.logg.Errorf("Operation error: %v", err)
 		hand.SendError(rctx, err)
@@ -63,7 +62,7 @@ func (hand *Handler) GetAccount(rctx *router.Context) {
 	}
 	// Rigth checking
 	operatorID, _ := rctx.GetString(userTag)
-	opEnable, err := hand.CheckRight(rctx.Ctx, uint64(operatorID), term.RightWriteAccounts, "")
+	opEnable, err := hand.CheckRight(rctx.Ctx, operatorID, term.RightWriteAccounts, "")
 	if err != nil {
 		err := fmt.Errorf("Operation error: %v", err)
 		hand.SendError(rctx, err)
@@ -75,7 +74,7 @@ func (hand *Handler) GetAccount(rctx *router.Context) {
 		return
 	}
 	// Execution of the operation
-	res, err := hand.oper.GetAccount(rctx.Ctx, uint64(operatorID), params)
+	res, err := hand.oper.GetAccount(rctx.Ctx, operatorID, params)
 	if err != nil {
 		hand.logg.Errorf("Operation error: %v", err)
 		hand.SendError(rctx, err)
@@ -96,7 +95,7 @@ func (hand *Handler) ListAccounts(rctx *router.Context) {
 	}
 	// Rigth checking
 	operatorID, _ := rctx.GetString(userTag)
-	opEnable, err := hand.CheckRight(rctx.Ctx, uint64(operatorID), term.RightWriteAccounts, "")
+	opEnable, err := hand.CheckRight(rctx.Ctx, operatorID, term.RightWriteAccounts, "")
 	if err != nil {
 		err := fmt.Errorf("Operation error: %v", err)
 		hand.SendError(rctx, err)
@@ -129,7 +128,7 @@ func (hand *Handler) UpdateAccount(rctx *router.Context) {
 	}
 	// Rigth checking
 	operatorID, _ := rctx.GetString(userTag)
-	opEnable, err := hand.CheckRight(rctx.Ctx, uint64(operatorID), term.RightWriteAccounts, "")
+	opEnable, err := hand.CheckRight(rctx.Ctx, operatorID, term.RightWriteAccounts, "")
 	if err != nil {
 		err := fmt.Errorf("Operation error: %v", err)
 		hand.SendError(rctx, err)
@@ -141,7 +140,7 @@ func (hand *Handler) UpdateAccount(rctx *router.Context) {
 		return
 	}
 	// Execution of the operation
-	res, err := hand.oper.UpdateAccount(rctx.Ctx, uint64(operatorID), params)
+	res, err := hand.oper.UpdateAccount(rctx.Ctx, operatorID, params)
 	if err != nil {
 		hand.logg.Errorf("UpdateAccount error: %v", err)
 		hand.SendError(rctx, err)
@@ -162,7 +161,7 @@ func (hand *Handler) DeleteAccount(rctx *router.Context) {
 	}
 	// Rigth checking
 	operatorID, _ := rctx.GetString(userTag)
-	opEnable, err := hand.CheckRight(rctx.Ctx, uint64(operatorID), term.RightWriteAccounts, params.Username)
+	opEnable, err := hand.CheckRight(rctx.Ctx, operatorID, term.RightWriteAccounts, params.Username)
 	if err != nil {
 		err := fmt.Errorf("Operation error: %v", err)
 		hand.SendError(rctx, err)
@@ -174,7 +173,7 @@ func (hand *Handler) DeleteAccount(rctx *router.Context) {
 		return
 	}
 	// Execution of the operation
-	res, err := hand.oper.DeleteAccount(rctx.Ctx, uint64(operatorID), params)
+	res, err := hand.oper.DeleteAccount(rctx.Ctx, operatorID, params)
 	if err != nil {
 		hand.logg.Errorf("DeleteAccount error: %v", err)
 		hand.SendError(rctx, err)
@@ -17,7 +17,6 @@ import (
 	"mstore/app/operator"
 	"mstore/app/router"
 	"mstore/pkg/term"
-	"mstore/pkg/auxid"
 )

 // HEAD /v2/<name>/blobs/<digest> 200 404
@@ -33,7 +32,7 @@ func (hand *Handler) BlobExists(rctx *router.Context) {
 	}
 	// Rigth checking
 	operatorID, _ := rctx.GetString(userTag)
-	opEnable, err := hand.CheckRight(rctx.Ctx, uint64(operatorID), term.RightReadImages, "")
+	opEnable, err := hand.CheckRight(rctx.Ctx, operatorID, term.RightReadImages, "")
 	if err != nil {
 		rctx.SetStatus(http.StatusInternalServerError)
 		return
@@ -44,7 +43,7 @@ func (hand *Handler) BlobExists(rctx *router.Context) {
 	}
 	// Execution of the operation
 	ctx := rctx.GetContext()
-	res, code, err := hand.oper.BlobExists(ctx, params)
+	res, code, err := hand.oper.BlobExists(ctx, operatorID, params)
 	if err != nil {
 		hand.logg.Errorf("BlobExist error: %v", err)
 	}
@@ -73,7 +72,7 @@ func (hand *Handler) PostUpload(rctx *router.Context) {
 	}
 	// Rigth checking
 	operatorID, _ := rctx.GetString(userTag)
-	opEnable, err := hand.CheckRight(rctx.Ctx, uint64(operatorID), term.RightWriteImages, "")
+	opEnable, err := hand.CheckRight(rctx.Ctx, operatorID, term.RightWriteImages, "")
 	if err != nil {
 		rctx.SetStatus(http.StatusInternalServerError)
 		return
@@ -83,7 +82,7 @@ func (hand *Handler) PostUpload(rctx *router.Context) {
 		return
 	}
 	// Execution of the operation
-	res, code, err := hand.oper.PostUpload(rctx.Ctx, params)
+	res, code, err := hand.oper.PostUpload(rctx.Ctx, operatorID, params)
 	if err != nil {
 		hand.logg.Errorf("PostUpload error: %v", err)
 	} else {
@@ -118,7 +117,7 @@ func (hand *Handler) PatchUpload(rctx *router.Context) {
 	}
 	// Rigth checking
 	operatorID, _ := rctx.GetString(userTag)
-	opEnable, err := hand.CheckRight(rctx.Ctx, uint64(operatorID), term.RightWriteImages, "")
+	opEnable, err := hand.CheckRight(rctx.Ctx, operatorID, term.RightWriteImages, "")
 	if err != nil {
 		rctx.SetStatus(http.StatusInternalServerError)
 		return
@@ -129,7 +128,7 @@ func (hand *Handler) PatchUpload(rctx *router.Context) {
 	}
 	// Execution of the operation
 	ctx := rctx.GetContext()
-	res, code, err := hand.oper.PatchUpload(ctx, params)
+	res, code, err := hand.oper.PatchUpload(ctx, operatorID, params)
 	if err != nil {
 		hand.logg.Errorf("PatchUpload error: %v", err)
 	}
@@ -162,7 +161,7 @@ func (hand *Handler) PutUpload(rctx *router.Context) {
 	}
 	// Rigth checking
 	operatorID, _ := rctx.GetString(userTag)
-	opEnable, err := hand.CheckRight(rctx.Ctx, uint64(operatorID), term.RightWriteImages, "")
+	opEnable, err := hand.CheckRight(rctx.Ctx, operatorID, term.RightWriteImages, "")
 	if err != nil {
 		rctx.SetStatus(http.StatusInternalServerError)
 		return
@@ -172,7 +171,7 @@ func (hand *Handler) PutUpload(rctx *router.Context) {
 		return
 	}
 	// Execution of the operation
-	res, code, err := hand.oper.PutUpload(rctx.Ctx, params)
+	res, code, err := hand.oper.PutUpload(rctx.Ctx, operatorID, params)
 	if err != nil {
 		hand.logg.Errorf("PutUpload error: %v", err)
 	}
@@ -192,7 +191,7 @@ func (hand *Handler) GetBlob(rctx *router.Context) {
 	}
 	// Rigth checking
 	operatorID, _ := rctx.GetString(userTag)
-	opEnable, err := hand.CheckRight(rctx.Ctx, uint64(operatorID), term.RightReadImages, "")
+	opEnable, err := hand.CheckRight(rctx.Ctx, operatorID, term.RightReadImages, "")
 	if err != nil {
 		rctx.SetStatus(http.StatusInternalServerError)
 		return
@@ -203,7 +202,7 @@ func (hand *Handler) GetBlob(rctx *router.Context) {
 	}
 	// Execution of the operation
 	ctx := rctx.GetContext()
-	res, code, err := hand.oper.GetBlob(ctx, params)
+	res, code, err := hand.oper.GetBlob(ctx, operatorID, params)
 	if err != nil {
 		hand.logg.Errorf("GetBlob error: %v", err)
 	}
@@ -238,7 +237,7 @@ func (hand *Handler) DeleteBlob(rctx *router.Context) {
 	}
 	// Rigth checking
 	operatorID, _ := rctx.GetString(userTag)
-	opEnable, err := hand.CheckRight(rctx.Ctx, uint64(operatorID), term.RightWriteImages, "")
+	opEnable, err := hand.CheckRight(rctx.Ctx, operatorID, term.RightWriteImages, "")
 	if err != nil {
 		rctx.SetStatus(http.StatusInternalServerError)
 		return
@@ -249,7 +248,7 @@ func (hand *Handler) DeleteBlob(rctx *router.Context) {
 	}
 	// Execution of the operation
 	ctx := rctx.GetContext()
-	_, code, err := hand.oper.DeleteBlob(ctx, params)
+	_, code, err := hand.oper.DeleteBlob(ctx, operatorID, params)
 	if err != nil {
 		hand.logg.Errorf("DeleteBlob error: %v", err)
 	}
@@ -16,7 +16,6 @@ import (
 	"mstore/app/operator"
 	"mstore/app/router"
 	"mstore/pkg/term"
-	"mstore/pkg/auxid"
 )

 const zeroContentLength = "0"
@@ -29,7 +28,7 @@ func (hand *Handler) FileInfo(rctx *router.Context) {
 	}
 	// Rigth checking
 	operatorID, _ := rctx.GetString(userTag)
-	opEnable, err := hand.CheckRight(rctx.Ctx, uint64(operatorID), term.RightReadFiles, "")
+	opEnable, err := hand.CheckRight(rctx.Ctx, operatorID, term.RightReadFiles, "")
 	if err != nil {
 		rctx.SetStatus(http.StatusInternalServerError)
 		return
@@ -40,7 +39,7 @@ func (hand *Handler) FileInfo(rctx *router.Context) {
 	}
 	// Execution of the operation
 	ctx := rctx.GetContext()
-	code, res, err := hand.oper.FileInfo(ctx, uint64(operatorID), params)
+	code, res, err := hand.oper.FileInfo(ctx, operatorID, params)
 	if err != nil {
 		hand.logg.Errorf("FileInfo error: %v", err)
 		rctx.SetStatus(code)
@@ -74,7 +73,7 @@ func (hand *Handler) PutFile(rctx *router.Context) {
 	}
 	// Rigth checking
 	operatorID, _ := rctx.GetString(userTag)
-	opEnable, err := hand.CheckRight(rctx.Ctx, uint64(operatorID), term.RightWriteFiles, "")
+	opEnable, err := hand.CheckRight(rctx.Ctx, operatorID, term.RightWriteFiles, "")
 	if err != nil {
 		rctx.SetStatus(http.StatusInternalServerError)
 		return
@@ -85,7 +84,7 @@ func (hand *Handler) PutFile(rctx *router.Context) {
 	}
 	// Execution of the operation
 	ctx := rctx.GetContext()
-	code, _, err := hand.oper.PutFile(ctx, uint64(operatorID), params)
+	code, _, err := hand.oper.PutFile(ctx, operatorID, params)
 	if err != nil {
 		hand.logg.Errorf("PutFile error: %v", err)
 		rctx.SetStatus(code)
@@ -102,7 +101,7 @@ func (hand *Handler) GetFile(rctx *router.Context) {
 	}
 	// Rigth checking
 	operatorID, _ := rctx.GetString(userTag)
-	opEnable, err := hand.CheckRight(rctx.Ctx, uint64(operatorID), term.RightReadFiles, "")
+	opEnable, err := hand.CheckRight(rctx.Ctx, operatorID, term.RightReadFiles, "")
 	if err != nil {
 		rctx.SetStatus(http.StatusInternalServerError)
 		return
@@ -113,7 +112,7 @@ func (hand *Handler) GetFile(rctx *router.Context) {
 	}
 	// Execution of the operation
 	ctx := rctx.GetContext()
-	code, res, err := hand.oper.GetFile(ctx, uint64(operatorID), params)
+	code, res, err := hand.oper.GetFile(ctx, operatorID, params)
 	if err != nil {
 		hand.logg.Errorf("PutFile error: %v", err)
 		rctx.SetStatus(code)
@@ -150,7 +149,7 @@ func (hand *Handler) DeleteFile(rctx *router.Context) {
 	}
 	// Rigth checking
 	operatorID, _ := rctx.GetString(userTag)
-	opEnable, err := hand.CheckRight(rctx.Ctx, uint64(operatorID), term.RightWriteFiles, "")
+	opEnable, err := hand.CheckRight(rctx.Ctx, operatorID, term.RightWriteFiles, "")
 	if err != nil {
 		rctx.SetStatus(http.StatusInternalServerError)
 		return
@@ -161,7 +160,7 @@ func (hand *Handler) DeleteFile(rctx *router.Context) {
 	}
 	// Execution of the operation
 	ctx := rctx.GetContext()
-	code, _, err := hand.oper.DeleteFile(ctx, uint64(operatorID), params)
+	code, _, err := hand.oper.DeleteFile(ctx, operatorID, params)
 	if err != nil {
 		hand.logg.Errorf("DeleteFIle error: %v", err)
 	}
@@ -187,7 +186,7 @@ func (hand *Handler) ListFiles(rctx *router.Context) {

 	// Rigth checking
 	operatorID, _ := rctx.GetString(userTag)
-	opEnable, err := hand.CheckRight(rctx.Ctx, uint64(operatorID), term.RightReadFiles, "")
+	opEnable, err := hand.CheckRight(rctx.Ctx, operatorID, term.RightReadFiles, "")
 	if err != nil {
 		rctx.SetStatus(http.StatusInternalServerError)
 		return
@@ -198,7 +197,7 @@ func (hand *Handler) ListFiles(rctx *router.Context) {
 	}
 	// Execution of the operation
 	ctx := rctx.GetContext()
-	code, res, err := hand.oper.ListFiles(ctx, uint64(operatorID), params)
+	code, res, err := hand.oper.ListFiles(ctx, operatorID, params)
 	if err != nil {
 		hand.logg.Errorf("ListFiles error: %v", err)
 		rctx.SetStatus(code)
@@ -224,7 +223,7 @@ func (hand *Handler) ListCollections(rctx *router.Context) {
 	}
 	// Rigth checking
 	operatorID, _ := rctx.GetString(userTag)
-	opEnable, err := hand.CheckRight(rctx.Ctx, uint64(operatorID), term.RightReadFiles, "")
+	opEnable, err := hand.CheckRight(rctx.Ctx, operatorID, term.RightReadFiles, "")
 	if err != nil {
 		rctx.SetStatus(http.StatusInternalServerError)
 		return
@@ -235,7 +234,7 @@ func (hand *Handler) ListCollections(rctx *router.Context) {
 	}
 	// Execution of the operation
 	ctx := rctx.GetContext()
-	code, res, err := hand.oper.ListCollections(ctx, uint64(operatorID), params)
+	code, res, err := hand.oper.ListCollections(ctx, operatorID, params)
 	if err != nil {
 		hand.logg.Errorf("ListCollections error: %v", err)
 		rctx.SetStatus(code)
@@ -262,7 +261,7 @@ func (hand *Handler) DeleteCollection(rctx *router.Context) {

 	// Rigth checking
 	operatorID, _ := rctx.GetString(userTag)
-	opEnable, err := hand.CheckRight(rctx.Ctx, uint64(operatorID), term.RightReadFiles, "")
+	opEnable, err := hand.CheckRight(rctx.Ctx, operatorID, term.RightReadFiles, "")
 	if err != nil {
 		rctx.SetStatus(http.StatusInternalServerError)
 		return
@@ -273,7 +272,7 @@ func (hand *Handler) DeleteCollection(rctx *router.Context) {
 	}
 	// Execution of the operation
 	ctx := rctx.GetContext()
-	code, res, err := hand.oper.DeleteColletion(ctx, uint64(operatorID), params)
+	code, res, err := hand.oper.DeleteColletion(ctx, operatorID, params)
 	if err != nil {
 		hand.logg.Errorf("DeleteColletion error: %v", err)
 		rctx.SetStatus(code)
@@ -15,7 +15,6 @@ import (
 	"mstore/app/operator"
 	"mstore/app/router"
 	"mstore/pkg/term"
-	"mstore/pkg/auxid"
 )

 // POST /v3/grant/create 200 200
@@ -30,7 +29,7 @@ func (hand *Handler) CreateGrant(rctx *router.Context) {
 	}
 	// Rigth checking
 	operatorID, _ := rctx.GetString(userTag)
-	opEnable, err := hand.CheckRight(rctx.Ctx, uint64(operatorID), term.RightWriteAccounts, "")
+	opEnable, err := hand.CheckRight(rctx.Ctx, operatorID, term.RightWriteAccounts, "")
 	if err != nil {
 		err := fmt.Errorf("Operation error: %v", err)
 		hand.SendError(rctx, err)
@@ -42,7 +41,7 @@ func (hand *Handler) CreateGrant(rctx *router.Context) {
 		return
 	}
 	// Execution of the operation
-	res, err := hand.oper.CreateGrant(rctx.Ctx, uint64(operatorID), params)
+	res, err := hand.oper.CreateGrant(rctx.Ctx, operatorID, params)
 	if err != nil {
 		hand.logg.Errorf("CreateGrant error: %v", err)
 		hand.SendError(rctx, err)
@@ -63,7 +62,7 @@ func (hand *Handler) GetGrant(rctx *router.Context) {
 	}
 	// Rigth checking
 	operatorID, _ := rctx.GetString(userTag)
-	opEnable, err := hand.CheckRight(rctx.Ctx, uint64(operatorID), term.RightReadAccounts, "")
+	opEnable, err := hand.CheckRight(rctx.Ctx, operatorID, term.RightReadAccounts, "")
 	if err != nil {
 		err := fmt.Errorf("Operation error: %v", err)
 		hand.SendError(rctx, err)
@@ -75,7 +74,7 @@ func (hand *Handler) GetGrant(rctx *router.Context) {
 		return
 	}
 	// Execution of the operation
-	res, err := hand.oper.GetGrant(rctx.Ctx, uint64(operatorID), params)
+	res, err := hand.oper.GetGrant(rctx.Ctx, operatorID, params)
 	if err != nil {
 		hand.logg.Errorf("CreateGrant error: %v", err)
 		hand.SendError(rctx, err)
@@ -96,7 +95,7 @@ func (hand *Handler) ListGrants(rctx *router.Context) {
 	}
 	// Rigth checking
 	operatorID, _ := rctx.GetString(userTag)
-	opEnable, err := hand.CheckRight(rctx.Ctx, uint64(operatorID), term.RightReadAccounts, "")
+	opEnable, err := hand.CheckRight(rctx.Ctx, operatorID, term.RightReadAccounts, "")
 	if err != nil {
 		err := fmt.Errorf("Operation error: %v", err)
 		hand.SendError(rctx, err)
@@ -108,7 +107,7 @@ func (hand *Handler) ListGrants(rctx *router.Context) {
 		return
 	}
 	// Execution of the operation
-	res, err := hand.oper.ListGrants(rctx.Ctx, uint64(operatorID), params)
+	res, err := hand.oper.ListGrants(rctx.Ctx, operatorID, params)
 	if err != nil {
 		hand.logg.Errorf("ListGrants error: %v", err)
 		hand.SendError(rctx, err)
@@ -129,7 +128,7 @@ func (hand *Handler) UpdateGrant(rctx *router.Context) {
 	}
 	// Rigth checking
 	operatorID, _ := rctx.GetString(userTag)
-	opEnable, err := hand.CheckRight(rctx.Ctx, uint64(operatorID), term.RightWriteAccounts, "")
+	opEnable, err := hand.CheckRight(rctx.Ctx, operatorID, term.RightWriteAccounts, "")
 	if err != nil {
 		err := fmt.Errorf("Operation error: %v", err)
 		hand.SendError(rctx, err)
@@ -141,7 +140,7 @@ func (hand *Handler) UpdateGrant(rctx *router.Context) {
 		return
 	}
 	// Execution of the operation
-	res, err := hand.oper.UpdateGrant(rctx.Ctx, uint64(operatorID), params)
+	res, err := hand.oper.UpdateGrant(rctx.Ctx, operatorID, params)
 	if err != nil {
 		hand.logg.Errorf("UpdateGrant error: %v", err)
 		hand.SendError(rctx, err)
@@ -162,7 +161,7 @@ func (hand *Handler) DeleteGrant(rctx *router.Context) {
 	}
 	// Rigth checking
 	operatorID, _ := rctx.GetString(userTag)
-	opEnable, err := hand.CheckRight(rctx.Ctx, uint64(operatorID), term.RightWriteAccounts, "")
+	opEnable, err := hand.CheckRight(rctx.Ctx, operatorID, term.RightWriteAccounts, "")
 	if err != nil {
 		err := fmt.Errorf("Operation error: %v", err)
 		hand.SendError(rctx, err)
@@ -174,7 +173,7 @@ func (hand *Handler) DeleteGrant(rctx *router.Context) {
 		return
 	}
 	// Execution of the operation
-	res, err := hand.oper.DeleteGrant(rctx.Ctx, uint64(operatorID), params)
+	res, err := hand.oper.DeleteGrant(rctx.Ctx, operatorID, params)
 	if err != nil {
 		hand.logg.Errorf("DeleteGrant error: %v", err)
 		hand.SendError(rctx, err)
@@ -15,7 +15,6 @@ import (
 	"mstore/app/operator"
 	"mstore/app/router"
 	"mstore/pkg/term"
-	"mstore/pkg/auxid"
 )

 func (hand *Handler) ManifestExists(rctx *router.Context) {
@@ -30,7 +29,7 @@ func (hand *Handler) ManifestExists(rctx *router.Context) {
 	}
 	// Rigth checking
 	operatorID, _ := rctx.GetString(userTag)
-	opEnable, err := hand.CheckRight(rctx.Ctx, uint64(operatorID), term.RightReadImages, "")
+	opEnable, err := hand.CheckRight(rctx.Ctx, operatorID, term.RightReadImages, "")
 	if err != nil {
 		rctx.SetStatus(http.StatusInternalServerError)
 		return
@@ -72,7 +71,7 @@ func (hand *Handler) PutManifest(rctx *router.Context) {
 	}
 	// Rigth checking
 	operatorID, _ := rctx.GetString(userTag)
-	opEnable, err := hand.CheckRight(rctx.Ctx, uint64(operatorID), term.RightWriteImages, "")
+	opEnable, err := hand.CheckRight(rctx.Ctx, operatorID, term.RightWriteImages, "")
 	if err != nil {
 		rctx.SetStatus(http.StatusInternalServerError)
 		return
@@ -105,7 +104,7 @@ func (hand *Handler) GetManifest(rctx *router.Context) {
 	}
 	// Rigth checking
 	operatorID, _ := rctx.GetString(userTag)
-	opEnable, err := hand.CheckRight(rctx.Ctx, uint64(operatorID), term.RightReadImages, "")
+	opEnable, err := hand.CheckRight(rctx.Ctx, operatorID, term.RightReadImages, "")
 	if err != nil {
 		rctx.SetStatus(http.StatusInternalServerError)
 		return
@@ -145,7 +144,7 @@ func (hand *Handler) DeleteManifest(rctx *router.Context) {
 	}
 	// Rigth checking
 	operatorID, _ := rctx.GetString(userTag)
-	opEnable, err := hand.CheckRight(rctx.Ctx, uint64(operatorID), term.RightWriteImages, "")
+	opEnable, err := hand.CheckRight(rctx.Ctx, operatorID, term.RightWriteImages, "")
 	if err != nil {
 		rctx.SetStatus(http.StatusInternalServerError)
 		return
@@ -174,7 +173,7 @@ func (hand *Handler) GetReferer(rctx *router.Context) {
 	}
 	// Rigth checking
 	operatorID, _ := rctx.GetString(userTag)
-	opEnable, err := hand.CheckRight(rctx.Ctx, uint64(operatorID), term.RightReadImages, "")
+	opEnable, err := hand.CheckRight(rctx.Ctx, operatorID, term.RightReadImages, "")
 	if err != nil {
 		rctx.SetStatus(http.StatusInternalServerError)
 		return
@@ -200,7 +199,7 @@ func (hand *Handler) GetTags(rctx *router.Context) {
 	}
 	// Rigth checking
 	operatorID, _ := rctx.GetString(userTag)
-	opEnable, err := hand.CheckRight(rctx.Ctx, uint64(operatorID), term.RightReadImages, "")
+	opEnable, err := hand.CheckRight(rctx.Ctx, operatorID, term.RightReadImages, "")
 	if err != nil {
 		rctx.SetStatus(http.StatusInternalServerError)
 		return
@@ -19,7 +19,7 @@ func (db *Database) InsertAccount(ctx context.Context, account *descr.Account) e
 	return err
 }

-func (db *Database) UpdateAccountByID(ctx context.Context, accountID uint64, account *descr.Account) error {
+func (db *Database) UpdateAccountByID(ctx context.Context, accountID string, account *descr.Account) error {
 	var err error
 	request := `UPDATE accounts SET username = $1, passhash = $2, disabled = $3, updated_at = $4, updated_by = $5 WHERE id = $6`
 	_, err = db.db.Exec(request, account.Username, account.Passhash, account.Disabled, account.UpdatedAt, account.UpdatedBy, accountID)
@@ -51,7 +51,7 @@ func (db *Database) ListAccounts(ctx context.Context) ([]descr.Account, error) {
 	return res, err
 }

-func (db *Database) GetAccountByID(ctx context.Context, accountID uint64) (bool, *descr.Account, error) {
+func (db *Database) GetAccountByID(ctx context.Context, accountID string) (bool, *descr.Account, error) {
 	var err error
 	var res *descr.Account
 	var exists bool = false
@@ -90,7 +90,7 @@ func (db *Database) GetAccountByUsername(ctx context.Context, username string) (
 	return exists, res, err
 }

-func (db *Database) DeleteAccountByID(ctx context.Context, accountID uint64) error {
+func (db *Database) DeleteAccountByID(ctx context.Context, accountID string) error {
 	var err error

 	request := `DELETE FROM accounts WHERE id = $1`
@@ -27,7 +27,7 @@ func (db *Database) InsertFile(ctx context.Context, file *descr.File) error {
 	return err
 }

-func (db *Database) UpdateFileByID(ctx context.Context, fileID uint64, file *descr.File) error {
+func (db *Database) UpdateFileByID(ctx context.Context, fileID string, file *descr.File) error {
 	var err error
 	request := `UPDATE files SET id = $1, collection = $2, name = $3, type = $4, checksum = $5,
                          size = $6, updated_at = $7, created_by = $8, updated_by = $9
@@ -15,8 +15,8 @@ import (
 	"time"

 	"mstore/pkg/auxtool"
+	"mstore/pkg/auxuuid"
 	"mstore/pkg/descr"
-	"mstore/pkg/auxid"

 	"github.com/stretchr/testify/require"
 )
@@ -13,7 +13,6 @@ import (
 	"context"

 	"mstore/pkg/descr"
-	"mstore/pkg/term"
 )

 func (db *Database) InsertGrant(ctx context.Context, grant *descr.Grant) error {
@@ -28,7 +27,7 @@ func (db *Database) InsertGrant(ctx context.Context, grant *descr.Grant) error {
 	return err
 }

-func (db *Database) UpdateGrantByID(ctx context.Context, grantID uint64, grant *descr.Grant) error {
+func (db *Database) UpdateGrantByID(ctx context.Context, grantID string, grant *descr.Grant) error {
 	var err error
 	request := `UPDATE grants SET pattern = $1, updated_at = $2, updated_by = $3 WHERE id = $4`
 	_, err = db.db.Exec(request, grant.Pattern, grant.UpdatedAt, grant.UpdatedBy, grantID)
@@ -38,7 +37,7 @@ func (db *Database) UpdateGrantByID(ctx context.Context, grantID uint64, grant *
 	return err
 }

-func (db *Database) ListGrantsByAccountID(ctx context.Context, accountID uint64) ([]descr.Grant, error) {
+func (db *Database) ListGrantsByAccountID(ctx context.Context, accountID string) ([]descr.Grant, error) {
 	var err error
 	request := `SELECT * FROM grants WHERE account_id = $1`
 	res := make([]descr.Grant, 0)
@@ -60,12 +59,12 @@ func (db *Database) ListGrants(ctx context.Context) ([]descr.Grant, error) {
 	return res, err
 }

-func (db *Database) GetGrantByID(ctx context.Context, id uint64) (bool, *descr.Grant, error) {
+func (db *Database) GetGrantByID(ctx context.Context, garntID string) (bool, *descr.Grant, error) {
 	var err error
 	res := &descr.Grant{}
 	request := `SELECT * FROM grants WHERE id = $1 LIMIT 1`
 	dbRes := make([]descr.Grant, 0)
-	err = db.db.Select(&dbRes, request, id)
+	err = db.db.Select(&dbRes, request, garntID)
 	if err != nil {
 		return false, res, err
 	}
@@ -77,7 +76,7 @@ func (db *Database) GetGrantByID(ctx context.Context, id uint64) (bool, *descr.G
 	return true, res, err
 }

-func (db *Database) GetGrantByAccoundIDRight(ctx context.Context, accountID uint64, right term.Right) (bool, *descr.Grant, error) {
+func (db *Database) GetGrantByAccoundIDRight(ctx context.Context, accountID, right string) (bool, *descr.Grant, error) {
 	var err error
 	res := &descr.Grant{}
 	request := `SELECT * FROM grants WHERE account_id = $1 AND right = $2 LIMIT 1`
@@ -94,7 +93,7 @@ func (db *Database) GetGrantByAccoundIDRight(ctx context.Context, accountID uint
 	return true, res, err
 }

-func (db *Database) ListGrantsByAccoundIDRight(ctx context.Context, accountID uint64, right term.Right) (bool, []descr.Grant, error) {
+func (db *Database) ListGrantsByAccoundIDRight(ctx context.Context, accountID, right string) (bool, []descr.Grant, error) {
 	var err error
 	request := `SELECT * FROM grants WHERE account_id = $1 AND right = $2`
 	res := make([]descr.Grant, 0)
@@ -108,7 +107,7 @@ func (db *Database) ListGrantsByAccoundIDRight(ctx context.Context, accountID ui
 	return true, res, err
 }

-func (db *Database) GetGrantByAccoundIDRightPattern(ctx context.Context, accountID uint64, right term.Right, pattern string) (bool, *descr.Grant, error) {
+func (db *Database) GetGrantByAccoundIDRightPattern(ctx context.Context, accountID, right, pattern string) (bool, *descr.Grant, error) {
 	var err error
 	res := &descr.Grant{}
 	request := `SELECT * FROM grants WHERE account_id = $1 AND right = $2 AND pattern = $3 LIMIT 1`
@@ -125,7 +124,7 @@ func (db *Database) GetGrantByAccoundIDRightPattern(ctx context.Context, account
 	return true, res, err
 }

-func (db *Database) DeleteGrantByAccountIDRightPattern(ctx context.Context, accountID uint64, right, pattern string) error {
+func (db *Database) DeleteGrantByAccountIDRightPattern(ctx context.Context, accountID, right, pattern string) error {
 	var err error
 	request := `DELETE FROM grants WHERE account_id = $1 AND right = $2 AND pattern = $3`
 	_, err = db.db.Exec(request, accountID, right, pattern)
@@ -135,7 +134,7 @@ func (db *Database) DeleteGrantByAccountIDRightPattern(ctx context.Context, acco
 	return err
 }

-func (db *Database) DeleteGrantByID(ctx context.Context, grantID uint64) error {
+func (db *Database) DeleteGrantByID(ctx context.Context, grantID string) error {
 	var err error
 	request := `DELETE FROM grants WHERE id = $1`
 	_, err = db.db.Exec(request, grantID)
@@ -145,7 +144,7 @@ func (db *Database) DeleteGrantByID(ctx context.Context, grantID uint64) error {
 	return err
 }

-func (db *Database) DeleteAllGrantsForAccountID(ctx context.Context, grantID uint64) error {
+func (db *Database) DeleteAllGrantsForAccountID(ctx context.Context, grantID string) error {
 	var err error
 	request := `DELETE FROM grants WHERE account_id = $1`
 	_, err = db.db.Exec(request, grantID)
@@ -16,8 +16,8 @@ import (
 	"time"

 	"mstore/pkg/auxtool"
+	"mstore/pkg/auxuuid"
 	"mstore/pkg/descr"
-	"mstore/pkg/auxid"

 	"github.com/stretchr/testify/require"
 )
@@ -15,9 +15,9 @@ import (

 	"mstore/pkg/auxpwd"
 	"mstore/pkg/auxtool"
+	"mstore/pkg/auxuuid"
 	"mstore/pkg/descr"
 	"mstore/pkg/term"
-	"mstore/pkg/auxid"
 )

 func (db *Database) WriteAnonymous(ctx context.Context) error {
@@ -41,7 +41,7 @@ func (db *Database) WriteAnonymous(ctx context.Context) error {
 		return err
 	}
 	grantDescr := &descr.Grant{
-		ID:        auxid.NewID(),
+		ID:        auxuuid.NewUUID(),
 		AccountID: accountDescr.ID,
 		Right:     term.RightReadFiles,
 		Pattern:   ".*",
@@ -55,7 +55,7 @@ func (db *Database) WriteAnonymous(ctx context.Context) error {
 		return err
 	}
 	grantDescr = &descr.Grant{
-		ID:        auxid.NewID(),
+		ID:        auxuuid.NewUUID(),
 		AccountID: accountDescr.ID,
 		Right:     term.RightReadImages,
 		Pattern:   ".*",
@@ -93,7 +93,7 @@ func (db *Database) WriteInituser(ctx context.Context) error {
 	}
 	// Files
 	grantDescr := &descr.Grant{
-		ID:        auxid.NewID(),
+		ID:        auxuuid.NewUUID(),
 		AccountID: accountDescr.ID,
 		Right:     term.RightReadFiles,
 		Pattern:   ".*",
@@ -107,7 +107,7 @@ func (db *Database) WriteInituser(ctx context.Context) error {
 		return err
 	}
 	grantDescr = &descr.Grant{
-		ID:        auxid.NewID(),
+		ID:        auxuuid.NewUUID(),
 		AccountID: accountDescr.ID,
 		Right:     term.RightWriteFiles,
 		Pattern:   ".*",
@@ -122,7 +122,7 @@ func (db *Database) WriteInituser(ctx context.Context) error {
 	}
 	// Accounts
 	grantDescr = &descr.Grant{
-		ID:        auxid.NewID(),
+		ID:        auxuuid.NewUUID(),
 		AccountID: accountDescr.ID,
 		Right:     term.RightReadAccounts,
 		Pattern:   ".*",
@@ -136,7 +136,7 @@ func (db *Database) WriteInituser(ctx context.Context) error {
 		return err
 	}
 	grantDescr = &descr.Grant{
-		ID:        auxid.NewID(),
+		ID:        auxuuid.NewUUID(),
 		AccountID: accountDescr.ID,
 		Right:     term.RightWriteAccounts,
 		Pattern:   ".*",
@@ -151,7 +151,7 @@ func (db *Database) WriteInituser(ctx context.Context) error {
 	}
 	// Images
 	grantDescr = &descr.Grant{
-		ID:        auxid.NewID(),
+		ID:        auxuuid.NewUUID(),
 		AccountID: accountDescr.ID,
 		Right:     term.RightReadImages,
 		Pattern:   ".*",
@@ -165,7 +165,7 @@ func (db *Database) WriteInituser(ctx context.Context) error {
 		return err
 	}
 	grantDescr = &descr.Grant{
-		ID:        auxid.NewID(),
+		ID:        auxuuid.NewUUID(),
 		AccountID: accountDescr.ID,
 		Right:     term.RightWriteImages,
 		Pattern:   ".*",
@@ -6,8 +6,8 @@ import (

 	"mstore/pkg/auxpwd"
 	"mstore/pkg/auxtool"
+	"mstore/pkg/auxuuid"
 	"mstore/pkg/descr"
-	"mstore/pkg/auxid"
 )

 type CreateAccountParams struct {
@@ -15,10 +15,10 @@ type CreateAccountParams struct {
 	Password string `json:"password"`
 }
 type CreateAccountResult struct {
-	AccountID uint64 `json:"accountId"`
+	AccountID string `json:"accountId"`
 }

-func (oper *Operator) CreateAccount(ctx context.Context, operatorID uint64, params *CreateAccountParams) (*CreateAccountResult, error) {
+func (oper *Operator) CreateAccount(ctx context.Context, operatorID string, params *CreateAccountParams) (*CreateAccountResult, error) {
 	var err error
 	res := &CreateAccountResult{}

@@ -43,7 +43,7 @@ func (oper *Operator) CreateAccount(ctx context.Context, operatorID uint64, para
 	now := auxtool.TimeNow()
 	passhash := auxpwd.MakeSHA256Hash([]byte(params.Password))
 	accountDescr := &descr.Account{
-		ID:        auxid.NewID(),
+		ID:        auxuuid.NewUUID(),
 		Username:  params.Username,
 		Passhash:  passhash,
 		Disabled:  false,
@@ -63,17 +63,17 @@ func (oper *Operator) CreateAccount(ctx context.Context, operatorID uint64, para
 // GetAccount
 type GetAccountParams struct {
 	Username  string `json:"username"`
-	AccountID uint64 `json:"accountId"`
+	AccountID string `json:"accountId"`
 }
 type GetAccountResult struct {
 	Account *descr.AccountShort `json:"account"`
 }

-func (oper *Operator) GetAccount(ctx context.Context, operatorID uint64, params *GetAccountParams) (*GetAccountResult, error) {
+func (oper *Operator) GetAccount(ctx context.Context, operatorID string, params *GetAccountParams) (*GetAccountResult, error) {
 	var err error
 	res := &GetAccountResult{}

-	if params.Username == "" && params.AccountID == 0 {
+	if params.Username == "" && params.AccountID == "" {
 		err := fmt.Errorf("Empty username and accountId parameter")
 		return res, err
 	}
@@ -81,7 +81,7 @@ func (oper *Operator) GetAccount(ctx context.Context, operatorID uint64, params
 	var accountDescr *descr.Account
 	var accountExists bool
 	switch {
-	case params.AccountID != 0:
+	case params.AccountID != "":
 		accountExists, accountDescr, err = oper.mdb.GetAccountByID(ctx, params.AccountID)
 		if err != nil {
 			return res, err
@@ -129,24 +129,24 @@ func (oper *Operator) GetAccount(ctx context.Context, operatorID uint64, params

 type UpdateAccountParams struct {
 	Username    string `json:"username"`
-	AccountID   uint64 `json:"accountId"`
+	AccountID   string `json:"accountId"`
 	NewUsername string `json:"newUsername"`
 	NewPassword string `json:"newPassword"`
 	Disabled    bool   `json:"disabled"`
 }
 type UpdateAccountResult struct{}

-func (oper *Operator) UpdateAccount(ctx context.Context, operatorID uint64, params *UpdateAccountParams) (*UpdateAccountResult, error) {
+func (oper *Operator) UpdateAccount(ctx context.Context, operatorID string, params *UpdateAccountParams) (*UpdateAccountResult, error) {
 	var err error
 	res := &UpdateAccountResult{}
-	if params.Username == "" && params.AccountID == 0 {
+	if params.Username == "" && params.AccountID == "" {
 		err := fmt.Errorf("Empty username and accountId parameter")
 		return res, err
 	}
 	var accountDescr *descr.Account
 	var accountExists bool
 	switch {
-	case params.AccountID != 0:
+	case params.AccountID != "":
 		accountExists, accountDescr, err = oper.mdb.GetAccountByID(ctx, params.AccountID)
 		if err != nil {
 			return res, err
@@ -196,11 +196,11 @@ func (oper *Operator) UpdateAccount(ctx context.Context, operatorID uint64, para

 type DeleteAccountParams struct {
 	Username  string `json:"username"`
-	AccountID uint64 `json:"accountId"`
+	AccountID string `json:"accountId"`
 }
 type DeleteAccountResult struct{}

-func (oper *Operator) DeleteAccount(ctx context.Context, operatorID uint64, params *DeleteAccountParams) (*DeleteAccountResult, error) {
+func (oper *Operator) DeleteAccount(ctx context.Context, operatorID string, params *DeleteAccountParams) (*DeleteAccountResult, error) {
 	var err error
 	res := &DeleteAccountResult{}

@@ -16,7 +16,7 @@ import (
 	"net/http"
 	"strconv"

-	"mstore/pkg/auxid"
+	"mstore/pkg/auxuuid"
 )

 type BlobExistsParams struct {
@@ -30,7 +30,7 @@ type BlobExistsResult struct {
 	//Exists              bool
 }

-func (oper *Operator) BlobExists(ctx context.Context, params *BlobExistsParams) (*BlobExistsResult, int, error) {
+func (oper *Operator) BlobExists(ctx context.Context, operatorID string, params *BlobExistsParams) (*BlobExistsResult, int, error) {
 	var err error
 	res := &BlobExistsResult{}

@@ -73,17 +73,17 @@ type PostUploadParams struct {
 	From   string
 }
 type PostUploadResult struct {
-	DockerUploadUUID uint64
+	DockerUploadUUID string
 	Location         string
 	ContentLength    string
 }

-func (oper *Operator) PostUpload(ctx context.Context, params *PostUploadParams) (*PostUploadResult, int, error) {
+func (oper *Operator) PostUpload(ctx context.Context, operatorID string, params *PostUploadParams) (*PostUploadResult, int, error) {
 	var err error
 	res := &PostUploadResult{}

 	if params.Digest == "" {
-		uuid := uuid.NewUUID()
+		uuid := auxuuid.NewUUID()
 		location := fmt.Sprintf("/v2/%s/blobs/uploads/%s", params.Name, uuid)
 		res.DockerUploadUUID = uuid
 		res.Location = location
@@ -110,7 +110,7 @@ type PatchUploadResult struct {
 }

 // TODO: partial uploading by range?
-func (oper *Operator) PatchUpload(ctx context.Context, params *PatchUploadParams) (*PatchUploadResult, int, error) {
+func (oper *Operator) PatchUpload(ctx context.Context, operatorID string, params *PatchUploadParams) (*PatchUploadResult, int, error) {
 	var err error
 	res := &PatchUploadResult{}

@@ -177,7 +177,7 @@ type PutUploadResult struct {
 	Location string
 }

-func (oper *Operator) PutUpload(ctx context.Context, params *PutUploadParams) (*PutUploadResult, int, error) {
+func (oper *Operator) PutUpload(ctx context.Context, operatorID string, params *PutUploadParams) (*PutUploadResult, int, error) {
 	var err error
 	res := &PutUploadResult{}

@@ -234,7 +234,7 @@ type GetBlobResult struct {
 	ReadCloser          io.ReadCloser
 }

-func (oper *Operator) GetBlob(ctx context.Context, params *GetBlobParams) (*GetBlobResult, int, error) {
+func (oper *Operator) GetBlob(ctx context.Context, operatorID string, params *GetBlobParams) (*GetBlobResult, int, error) {
 	var err error
 	res := &GetBlobResult{}

@@ -282,7 +282,7 @@ type DeleteBlobResult struct{}
 // - It also prevents the manifest from being issued, as one
 // of the layers is missing.

-func (oper *Operator) DeleteBlob(ctx context.Context, params *DeleteBlobParams) (*DeleteBlobResult, int, error) {
+func (oper *Operator) DeleteBlob(ctx context.Context, operatorID string, params *DeleteBlobParams) (*DeleteBlobResult, int, error) {
 	var err error
 	res := &DeleteBlobResult{}

@@ -22,9 +22,9 @@ import (
 	"strings"

 	"mstore/pkg/auxtool"
+	"mstore/pkg/auxuuid"
 	"mstore/pkg/descr"
 	"mstore/pkg/term"
-	"mstore/pkg/auxid"
 )

 // FileInfo
@@ -41,9 +41,9 @@ type FileInfoResult struct {
 	ContentDigest     string

 	ContentCreatedAt string
-	ContentCreatedBy uint64
+	ContentCreatedBy string
 	ContentUpdatedAt string
-	ContentUpdatedBy uint64
+	ContentUpdatedBy string
 }

 func cleanFilepath(filename string) (string, error) {
@@ -51,7 +51,7 @@ func cleanFilepath(filename string) (string, error) {
 	return filepath.Clean(filename), nil
 }

-func (oper *Operator) FileInfo(ctx context.Context, operatorID uint64, param *FileInfoParams) (int, *FileInfoResult, error) {
+func (oper *Operator) FileInfo(ctx context.Context, operatorID string, param *FileInfoParams) (int, *FileInfoResult, error) {
 	var err error
 	code := http.StatusOK
 	res := &FileInfoResult{}
@@ -101,7 +101,7 @@ type PutFileResult struct{}
 const defaultContentType = "application/octet-stream"

 // TODO: checking catalog and file names conflict
-func (oper *Operator) PutFile(ctx context.Context, operatorID uint64, param *PutFileParams) (int, *PutFileResult, error) {
+func (oper *Operator) PutFile(ctx context.Context, operatorID string, param *PutFileParams) (int, *PutFileResult, error) {
 	var err error
 	res := &PutFileResult{}

@@ -155,7 +155,7 @@ func (oper *Operator) PutFile(ctx context.Context, operatorID uint64, param *Put
 		}
 	} else {
 		fileDescr = &descr.File{
-			ID:         uuid.NewUUID(),
+			ID:         auxuuid.NewUUID(),
 			Name:       filename,
 			Collection: collection,
 			Size:       size,
@@ -193,12 +193,12 @@ type GetFileResult struct {
 	Source        io.ReadCloser

 	ContentCreatedAt string
-	ContentCreatedBy uint64
+	ContentCreatedBy string
 	ContentUpdatedAt string
-	ContentUpdatedBy uint64
+	ContentUpdatedBy string
 }

-func (oper *Operator) GetFile(ctx context.Context, operatorID uint64, param *GetFileParams) (int, *GetFileResult, error) {
+func (oper *Operator) GetFile(ctx context.Context, operatorID string, param *GetFileParams) (int, *GetFileResult, error) {
 	var err error
 	res := &GetFileResult{}

@@ -247,7 +247,7 @@ type DeleteFileParams struct {
 }
 type DeleteFileResult struct{}

-func (oper *Operator) DeleteFile(ctx context.Context, operatorID uint64, param *DeleteFileParams) (int, *DeleteFileResult, error) {
+func (oper *Operator) DeleteFile(ctx context.Context, operatorID string, param *DeleteFileParams) (int, *DeleteFileResult, error) {
 	var err error
 	res := &DeleteFileResult{}
 	code := http.StatusOK
@@ -288,13 +288,13 @@ func (oper *Operator) DeleteFile(ctx context.Context, operatorID uint64, param *
 // ListFiles
 type ListFilesParams struct {
 	Filepath string
-	PathAs   term.PathUsage `param:"pathAs"`
+	PathAs   string `param:"pathAs"`
 }
 type ListFilesResult struct {
 	Files []descr.File `json:"files,omitempty"`
 }

-func (oper *Operator) ListFiles(ctx context.Context, operatorID uint64, params *ListFilesParams) (int, *ListFilesResult, error) {
+func (oper *Operator) ListFiles(ctx context.Context, operatorID string, params *ListFilesParams) (int, *ListFilesResult, error) {
 	var err error
 	res := &ListFilesResult{
 		Files: make([]descr.File, 0),
@@ -400,13 +400,13 @@ func (oper *Operator) listFilesWithRegex(ctx context.Context, regex string) ([]d
 // ListCollections
 type ListCollectionsParams struct {
 	Path   string
-	PathAS term.PathUsage `param:"pathAs"`
+	PathAS string `param:"pathAs"`
 }
 type ListCollectionsResult struct {
 	Collections []string `json:"collection,omitempty"`
 }

-func (oper *Operator) ListCollections(ctx context.Context, operatorID uint64, param *ListCollectionsParams) (int, *ListCollectionsResult, error) {
+func (oper *Operator) ListCollections(ctx context.Context, operatorID string, param *ListCollectionsParams) (int, *ListCollectionsResult, error) {
 	var err error
 	res := &ListCollectionsResult{
 		Collections: make([]string, 0),
@@ -532,14 +532,14 @@ func (oper *Operator) listAllCollections(ctx context.Context) ([]string, error)
 // DeleteColletion
 type DeleteColletionParams struct {
 	Path   string
-	PathAs term.PathUsage `param:"pathAs"`
+	PathAs string `param:"pathAs"`
 	DryRun bool   `param:"dryRun"`
 }
 type DeleteColletionResult struct {
 	Files []descr.File `json:"files,omitempty"`
 }

-func (oper *Operator) DeleteColletion(ctx context.Context, operatorID uint64, param *DeleteColletionParams) (int, *DeleteColletionResult, error) {
+func (oper *Operator) DeleteColletion(ctx context.Context, operatorID string, param *DeleteColletionParams) (int, *DeleteColletionResult, error) {
 	var err error
 	res := &DeleteColletionResult{
 		Files: make([]descr.File, 0),
@@ -6,23 +6,22 @@ import (
 	"regexp"

 	"mstore/pkg/auxtool"
+	"mstore/pkg/auxuuid"
 	"mstore/pkg/descr"
-	"mstore/pkg/term"
-	"mstore/pkg/auxid"
 )

 // CreateGrant
 type CreateGrantParams struct {
-	AccountID uint64  `json:"accountID"`
+	AccountID string `json:"accountID"`
 	Username  string `json:"username"`
-	Right     term.Right `json:"operation"`
+	Right     string `json:"operation"`
 	Pattern   string `json:"pattern"`
 }
 type CreateGrantResult struct {
-	GrantID uint64 `json:"grantId"`
+	GrantID string `json:"grantId"`
 }

-func (oper *Operator) CreateGrant(ctx context.Context, operatorID uint64, params *CreateGrantParams) (*CreateGrantResult, error) {
+func (oper *Operator) CreateGrant(ctx context.Context, operatorID string, params *CreateGrantParams) (*CreateGrantResult, error) {
 	var err error
 	res := &CreateGrantResult{}

@@ -81,7 +80,7 @@ func (oper *Operator) CreateGrant(ctx context.Context, operatorID uint64, params
 	oper.logg.Debugf("Call CreateGrant")
 	now := auxtool.TimeNow()
 	grantDescr := &descr.Grant{
-		ID:        uuid.NewUUID(),
+		ID:        auxuuid.NewUUID(),
 		AccountID: accountDescr.ID,
 		Right:     params.Right,
 		Pattern:   params.Pattern,
@@ -100,12 +99,12 @@ func (oper *Operator) CreateGrant(ctx context.Context, operatorID uint64, params

 // UpdateGrant
 type UpdateGrantParams struct {
-	GrantID    uint64
+	GrantID    string
 	NewPattern string
 }
 type UpdateGrantResult struct{}

-func (oper *Operator) UpdateGrant(ctx context.Context, operatorID uint64, params *UpdateGrantParams) (*UpdateGrantResult, error) {
+func (oper *Operator) UpdateGrant(ctx context.Context, operatorID string, params *UpdateGrantParams) (*UpdateGrantResult, error) {
 	var err error
 	res := &UpdateGrantResult{}

@@ -143,11 +142,11 @@ func (oper *Operator) UpdateGrant(ctx context.Context, operatorID uint64, params

 // DeleteGrant
 type DeleteGrantParams struct {
-	GrantID uint64 `json:"grantId"`
+	GrantID string `json:"grantId"`
 }
 type DeleteGrantResult struct{}

-func (oper *Operator) DeleteGrant(ctx context.Context, operatorID uint64, params *DeleteGrantParams) (*DeleteGrantResult, error) {
+func (oper *Operator) DeleteGrant(ctx context.Context, operatorID string, params *DeleteGrantParams) (*DeleteGrantResult, error) {
 	var err error
 	res := &DeleteGrantResult{}

@@ -177,13 +176,13 @@ func (oper *Operator) DeleteGrant(ctx context.Context, operatorID uint64, params
 // ListGrants
 type ListGrantsParams struct {
 	Username  string
-	AccountID uint64
+	AccountID string
 }
 type ListGrantsResult struct {
 	Grants []descr.Grant `json:"grants"`
 }

-func (oper *Operator) ListGrants(ctx context.Context, operatorID uint64, params *ListGrantsParams) (*ListGrantsResult, error) {
+func (oper *Operator) ListGrants(ctx context.Context, operatorID string, params *ListGrantsParams) (*ListGrantsResult, error) {
 	var err error
 	res := &ListGrantsResult{
 		Grants: make([]descr.Grant, 0),
@@ -224,13 +223,13 @@ func (oper *Operator) ListGrants(ctx context.Context, operatorID uint64, params

 // Get Grants
 type GetGrantParams struct {
-	GrantID uint64 `json:"grantId"`
+	GrantID string `json:"grantId"`
 }
 type GetGrantResult struct {
 	Grant *descr.Grant `json:"grant"`
 }

-func (oper *Operator) GetGrant(ctx context.Context, operatorID uint64, params *GetGrantParams) (*GetGrantResult, error) {
+func (oper *Operator) GetGrant(ctx context.Context, operatorID string, params *GetGrantParams) (*GetGrantResult, error) {
 	var err error
 	res := &GetGrantResult{}

@@ -11,8 +11,8 @@ package operator

 import (
 	"mstore/pkg/auxtool"
+	"mstore/pkg/auxuuid"
 	"mstore/pkg/descr"
-	"mstore/pkg/auxid"

 	ocidigest "github.com/opencontainers/go-digest"
 	ocispec "github.com/opencontainers/image-spec/specs-go/v1"
@@ -29,7 +29,7 @@ func descrsFromManifest(name, reference string, manifest *ocispec.Manifest, rawM
 	// Make manifest descriptor
 	manifestDigest := ocidigest.SHA256.FromBytes(rawManifest).String()
 	manifestDescr = descr.Manifest{
-		ID:          uuid.NewUUID(),
+		ID:          auxuuid.NewUUID(),
 		Name:        name,
 		Reference:   reference,
 		Digest:      manifestDigest,
@@ -41,7 +41,7 @@ func descrsFromManifest(name, reference string, manifest *ocispec.Manifest, rawM
 	// Make config descriptor
 	ociConfig := manifest.Config
 	configDescr := descr.Blob{
-		ID:        uuid.NewUUID(),
+		ID:        auxuuid.NewUUID(),
 		Name:      name,
 		Reference: reference,
 		MediaType: ociConfig.MediaType,
@@ -55,7 +55,7 @@ func descrsFromManifest(name, reference string, manifest *ocispec.Manifest, rawM
 	layerMap := make(map[string]bool)
 	for _, layer := range manifest.Layers {
 		blobDescr := descr.Blob{
-			ID:        uuid.NewUUID(),
+			ID:        auxuuid.NewUUID(),
 			Name:      name,
 			Reference: reference,
 			MediaType: layer.MediaType,
@@ -112,7 +112,7 @@ func layersDiff(name, reference string, existingManifest, incomingManifest *ocis
 	timestamp := auxtool.TimeNow()
 	for _, layer := range newLayers {
 		blobDescr := descr.Blob{
-			ID:        uuid.NewUUID(),
+			ID:        auxuuid.NewUUID(),
 			Name:      name,
 			Reference: reference,
 			MediaType: layer.MediaType,
@@ -126,7 +126,7 @@ func layersDiff(name, reference string, existingManifest, incomingManifest *ocis
 	// Converting to old blobs
 	for _, layer := range delLayers {
 		blobDescr := descr.Blob{
-			ID:        uuid.NewUUID(),
+			ID:        auxuuid.NewUUID(),
 			Name:      name,
 			Reference: reference,
 			MediaType: layer.MediaType,
@@ -20,8 +20,7 @@ import (
 	"path/filepath"

 	"mstore/app/logger"
-	"mstore/pkg/auxid"
-
+	"mstore/pkg/auxuuid"
 )

 const (
@@ -81,8 +80,7 @@ func (store *Storage) WriteTempFile(source io.Reader) (string, int64, string, er
 	var size int64
 	var csum string

-
-	tmpname := fmt.Sprintf("file-%d-%d.tmp", auxid.NewID(), auxid.NewID())
+	tmpname := fmt.Sprintf("file-%d-%d.tmp", auxuuid.NewUUID(), auxuuid.NewUUID())
 	tmppath := store.makeTmppath(tmpname)

 	tmpdirpath := store.makeTmpsubdir()
@@ -21,7 +21,6 @@ import (
 	"mstore/pkg/client"
 	"mstore/pkg/descr"
 	"mstore/pkg/term"
-	"mstore/pkg/auxid"
 )

 const (
@@ -126,8 +125,8 @@ type CreateAccountParams struct {
 	NewPassword string
 }
 type CreateAccountResult struct {
-	AccountID uint64                `yaml:"accountId"`
-	Grants    map[uint64]term.Right `yaml:"grantsIds,omitempty"`
+	AccountID string            `yaml:"accountId"`
+	Grants    map[string]string `yaml:"grantsIds,omitempty"`
 }

 func (util *AccountUtil) CreateAccount(cmd *cobra.Command, args []string) {
@@ -141,7 +140,7 @@ func (util *AccountUtil) CreateAccount(cmd *cobra.Command, args []string) {
 func (util *AccountUtil) createAccount(common *CommonAccountParams, params *CreateAccountParams) (*CreateAccountResult, error) {
 	var err error
 	res := &CreateAccountResult{
-		Grants: make(map[uint64]term.Right, 0),
+		Grants: make(map[string]string, 0),
 	}
 	hostname, err := packUserinfo(common.Hostname, common.Username, common.Password)
 	if err != nil {
@@ -154,7 +153,7 @@ func (util *AccountUtil) createAccount(common *CommonAccountParams, params *Crea
 		return res, err
 	}

-	fullRights := []term.Right{
+	fullRights := []string{
 		term.RightWriteAccounts,
 		term.RightReadAccounts,
 		term.RightWriteFiles,
@@ -203,7 +202,7 @@ func (util *AccountUtil) updateAccount(common *CommonAccountParams, params *Upda
 	re := regexp.MustCompile(uuidRegex)
 	id := strings.ToLower(params.AccountID)
 	if re.MatchString(id) {
-		err = client.NewClient().UpdateAccountByID(ctx, hostname, uint64(id), params.NewUsername, params.NewPassword)
+		err = client.NewClient().UpdateAccountByID(ctx, hostname, id, params.NewUsername, params.NewPassword)
 	} else {
 		err = client.NewClient().UpdateAccountByName(ctx, hostname, params.AccountID, params.NewUsername, params.NewPassword)
 	}
@@ -244,7 +243,7 @@ func (util *AccountUtil) getAccount(common *CommonAccountParams, params *GetAcco
 	re := regexp.MustCompile(uuidRegex)
 	id := strings.ToLower(params.AccountID)
 	if re.MatchString(id) {
-		opRes, err = client.NewClient().GetAccountByID(ctx, hostname, uint64(id))
+		opRes, err = client.NewClient().GetAccountByID(ctx, hostname, id)
 	} else {
 		opRes, err = client.NewClient().GetAccountByName(ctx, hostname, params.AccountID)
 	}
@@ -281,7 +280,7 @@ func (util *AccountUtil) deleteAccount(common *CommonAccountParams, params *Dele
 	re := regexp.MustCompile(uuidRegex)
 	id := strings.ToLower(params.AccountID)
 	if re.MatchString(id) {
-		err = client.NewClient().DeleteAccountByID(ctx, hostname, uint64(id))
+		err = client.NewClient().DeleteAccountByID(ctx, hostname, id)
 	} else {
 		err = client.NewClient().DeleteAccountByName(ctx, hostname, params.AccountID)
 	}
@@ -300,8 +299,8 @@ type ListAccountsParams struct {

 type Userinfo struct {
 	Username  string            `yaml:"username,omitempty"`
-	AccountID uint64                `yaml:"accountId,omitempty"`
-	Rights    map[uint64]term.Right `yaml:"rights,omitempty"`
+	AccountID string            `yaml:"accountId,omitempty"`
+	Rights    map[string]string `yaml:"rights,omitempty"`
 }

 type ListAccountsResult struct {
@@ -350,7 +349,7 @@ func (util *AccountUtil) listAccounts(common *CommonAccountParams, params *ListA
 			userinfo := Userinfo{
 				Username:  account.Username,
 				AccountID: account.ID,
-				Rights:    make(map[uint64]term.Right, 0),
+				Rights:    make(map[string]string, 0),
 			}
 			for _, grant := range account.Grants {
 				userinfo.Rights[grant.ID] = grant.Right
@@ -338,18 +338,18 @@ func (util *FileUtil) listFiles(common *CommonFileParams, params *ListFilesParam
 	if params.AsRegexp {
 		params.AsPrefix = false
 	}
-	var pathAs term.PathUsage
+	var pathUsage string
 	switch {
 	case params.AsRegexp:
-		pathAs = term.AsRegexp
+		pathUsage = term.AsRegexp
 	case params.AsPrefix:
-		pathAs = term.AsPrefix
+		pathUsage = term.AsPrefix
 	default:
-		pathAs = term.AsFinePath
+		pathUsage = term.AsFinePath
 	}
 	timeout := time.Duration(common.Timeout) * time.Second
 	ctx, _ := context.WithTimeout(context.Background(), timeout)
-	files, err := client.NewClient().ListFiles(ctx, params.Filepath, pathAs)
+	files, err := client.NewClient().ListFiles(ctx, params.Filepath, pathUsage)
 	if err != nil {
 		return res, err
 	}
@@ -464,18 +464,18 @@ func (util *FileUtil) exportFiles(common *CommonFileParams, params *ExportFilesP
 	if params.AsRegexp {
 		params.AsPrefix = false
 	}
-	var pathAs term.PathUsage
+	var pathUsage string
 	switch {
 	case params.AsRegexp:
-		pathAs = term.AsRegexp
+		pathUsage = term.AsRegexp
 	case params.AsPrefix:
-		pathAs = term.AsPrefix
+		pathUsage = term.AsPrefix
 	default:
-		pathAs = term.AsFinePath
+		pathUsage = term.AsFinePath
 	}
 	timeout := time.Duration(common.Timeout) * time.Second
 	ctx, _ := context.WithTimeout(context.Background(), timeout)
-	files, err := client.NewClient().ListFiles(ctx, params.Filepath, pathAs)
+	files, err := client.NewClient().ListFiles(ctx, params.Filepath, pathUsage)
 	if err != nil {
 		return res, err
 	}
@@ -553,18 +553,18 @@ func (util *FileUtil) listCollections(common *CommonFileParams, params *ListColl
 	if params.AsRegexp {
 		params.AsPrefix = false
 	}
-	var pathAs term.PathUsage
+	var pathUsage string
 	switch {
 	case params.AsRegexp:
-		pathAs = term.AsRegexp
+		pathUsage = term.AsRegexp
 	case params.AsPrefix:
-		pathAs = term.AsPrefix
+		pathUsage = term.AsPrefix
 	default:
-		pathAs = term.AsFinePath
+		pathUsage = term.AsFinePath
 	}
 	timeout := time.Duration(common.Timeout) * time.Second
 	ctx, _ := context.WithTimeout(context.Background(), timeout)
-	collecions, err := client.NewClient().ListCollections(ctx, params.Path, pathAs)
+	collecions, err := client.NewClient().ListCollections(ctx, params.Path, pathUsage)
 	if err != nil {
 		return res, err
 	}
@@ -603,14 +603,14 @@ func (util *FileUtil) deleteCollection(common *CommonFileParams, params *DeleteC
 	}
 	timeout := time.Duration(common.Timeout) * time.Second
 	ctx, _ := context.WithTimeout(context.Background(), timeout)
-	var pathAs term.PathUsage
+	var pathUsage string
 	switch {
 	case params.AsPrefix:
-		pathAs = term.AsPrefix
+		pathUsage = term.AsPrefix
 	default:
-		pathAs = term.AsFinePath
+		pathUsage = term.AsFinePath
 	}
-	files, err := client.NewClient().DeleteCollection(ctx, params.Path, pathAs, params.DryRun)
+	files, err := client.NewClient().DeleteCollection(ctx, params.Path, pathUsage, params.DryRun)
 	if err != nil {
 		return res, err
 	}
@@ -20,8 +20,6 @@ import (

 	"mstore/pkg/client"
 	"mstore/pkg/descr"
-	"mstore/pkg/term"
-	"mstore/pkg/auxid"
 )

 func (util *GrantUtil) CreateGrantCmds() *cobra.Command {
@@ -117,7 +115,7 @@ type CreateGrantParams struct {
 	Pattern   string
 }
 type CreateGrantResult struct {
-	GrantID uint64 `yaml:"grantId"`
+	GrantID string `yaml:"grantId"`
 }

 func (util *GrantUtil) CreateGrant(cmd *cobra.Command, args []string) {
@@ -140,11 +138,11 @@ func (util *GrantUtil) createGrant(common *CommonGrantParams, params *CreateGran
 	ctx, _ := context.WithTimeout(context.Background(), timeout)
 	re := regexp.MustCompile(uuidRegex)
 	id := strings.ToLower(params.AccountID)
-	var operRes uint64
+	var operRes string
 	if re.MatchString(id) {
-		operRes, err = client.NewClient().CreateGrantByAccountID(ctx, hostname, uint64(id), term.Right(params.Right), params.Pattern)
+		operRes, err = client.NewClient().CreateGrantByAccountID(ctx, hostname, id, params.Right, params.Pattern)
 	} else {
-		operRes, err = client.NewClient().CreateGrantByUsername(ctx, hostname, params.AccountID, term.Right(params.Right), params.Pattern)
+		operRes, err = client.NewClient().CreateGrantByUsername(ctx, hostname, params.AccountID, params.Right, params.Pattern)
 	}
 	if err != nil {
 		return res, err
@@ -178,7 +176,7 @@ func (util *GrantUtil) updateGrant(common *CommonGrantParams, params *UpdateGran
 	timeout := time.Duration(common.Timeout) * time.Second
 	ctx, _ := context.WithTimeout(context.Background(), timeout)
 	id := strings.ToLower(params.GrantID)
-	err = client.NewClient().UpdateGrant(ctx, hostname, uint64(id), params.Pattern)
+	err = client.NewClient().UpdateGrant(ctx, hostname, id, params.Pattern)
 	if err != nil {
 		return res, err
 	}
@@ -214,7 +212,7 @@ func (util *GrantUtil) getGrant(common *CommonGrantParams, params *GetGrantParam
 	opRes := &descr.Grant{}

 	id := strings.ToLower(params.GrantID)
-	opRes, err = client.NewClient().GetGrant(ctx, hostname, uint64(id))
+	opRes, err = client.NewClient().GetGrant(ctx, hostname, id)
 	if err != nil {
 		return res, err
 	}
@@ -245,7 +243,7 @@ func (util *GrantUtil) deleteGrant(common *CommonGrantParams, params *DeleteGran
 	timeout := time.Duration(common.Timeout) * time.Second
 	ctx, _ := context.WithTimeout(context.Background(), timeout)
 	id := strings.ToLower(params.GrantID)
-	err = client.NewClient().DeleteGrant(ctx, hostname, uint64(id))
+	err = client.NewClient().DeleteGrant(ctx, hostname, id)
 	if err != nil {
 		return res, err
 	}
@@ -260,7 +258,7 @@ type ListGrantsParams struct {

 type ListGrantsResult struct {
 	Grants []descr.Grant     `yaml:"grants,omitempty"`
-	Rights map[uint64]term.Right `yaml:"rights,omitempty"`
+	Rights map[string]string `yaml:"rights,omitempty"`
 }

 func (util *GrantUtil) ListGrants(cmd *cobra.Command, args []string) {
@@ -282,7 +280,7 @@ func (util *GrantUtil) listGrants(common *CommonGrantParams, params *ListGrantsP
 	re := regexp.MustCompile(uuidRegex)
 	id := strings.ToLower(params.AccountID)
 	if re.MatchString(id) {
-		grants, err = client.NewClient().ListGrantsByAccountID(ctx, hostname, uint64(id))
+		grants, err = client.NewClient().ListGrantsByAccountID(ctx, hostname, id)
 	} else {
 		grants, err = client.NewClient().ListGrantsByUsername(ctx, hostname, params.AccountID)
 	}
@@ -292,7 +290,7 @@ func (util *GrantUtil) listGrants(common *CommonGrantParams, params *ListGrantsP
 	if params.Detail {
 		res.Grants = grants
 	} else {
-		res.Rights = make(map[uint64]term.Right, 0)
+		res.Rights = make(map[string]string, 0)
 		for _, item := range grants {
 			res.Rights[item.ID] = item.Right
 		}
@@ -0,0 +1,54 @@
+-----BEGIN CERTIFICATE-----
+MIIEojCCBCmgAwIBAgISBpbPr7WFeCJ3U8QDioKGHkQiMAoGCCqGSM49BAMDMDIx
+CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJF
+ODAeFw0yNjAyMTIwOTExMDVaFw0yNjA1MTMwOTExMDRaMBgxFjAUBgNVBAMTDWRl
+di51bml4Ny5vcmcwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATZnNwUA6M5kqmq
+36oRkUTC+fSPlLiLDs3Vz6fPdYBWIokPKG+UqAS4WjfXXQEPwqGeoef0b5elB7dg
+6GjwOhJio4IDNzCCAzMwDgYDVR0PAQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUF
+BwMBMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFBme/mBwOaT6f4yzzCBc4i/NPQBY
+MB8GA1UdIwQYMBaAFI8NE6L2Ln7RUGwzGDhdWY4jcpHKMDIGCCsGAQUFBwEBBCYw
+JDAiBggrBgEFBQcwAoYWaHR0cDovL2U4LmkubGVuY3Iub3JnLzCCATUGA1UdEQSC
+ASwwggEogg1haXIudW5peDcub3JnghJhaXJmb3JjZS51bml4Ny5vcmeCDWRldi51
+bml4Ny5vcmeCDWVkdS51bml4Ny5vcmeCEGVkdW1heC51bml4Ny5vcmeCDWdpdC51
+bml4Ny5vcmeCDWhhbS51bml4Ny5vcmeCDmhhc2gudW5peDcub3JnggxoZC51bml4
+Ny5vcmeCDm1haWwudW5peDcub3Jnggxtdy51bml4Ny5vcmeCDG14LnVuaXg3Lm9y
+Z4IOcGlraS51bml4Ny5vcmeCDHJtLnVuaXg3Lm9yZ4IQc3RvcmV4LnVuaXg3Lm9y
+Z4INdzEyLnVuaXg3Lm9yZ4INdzEzLnVuaXg3Lm9yZ4IOd2lraS51bml4Ny5vcmeC
+DXd3dy51bml4Ny5vcmcwEwYDVR0gBAwwCjAIBgZngQwBAgEwLQYDVR0fBCYwJDAi
+oCCgHoYcaHR0cDovL2U4LmMubGVuY3Iub3JnLzM1LmNybDCCAQsGCisGAQQB1nkC
+BAIEgfwEgfkA9wB1AGQRxGykEuyniRyiAi4AvKtPKAfUHjUnq+r+1QPJfc3wAAAB
+nFFT2U0AAAQDAEYwRAIgbuNiYUqwgxi9Oycm2D6h8sclWLcBXHtqFWpwJT3dwbgC
+IBBjMRcAmxZKE9PIgFqMvosPNQ7AAkbEfudVtqNkfwXJAH4Apcl4kl1XRheChw3Y
+iWYLXFVki30AQPLsB2hR0YhpGfcAAAGcUVPcHQAIAAAFADH4c7UEAwBHMEUCIQDz
+p9aYuw9jAZjxM8U3Qq7M4vFpp0GZDm80tpTdKYNjjwIgQ/e/lWg6uqQsjBytcaOG
+IVXPEyB0n8fflOf+Ekh51DUwCgYIKoZIzj0EAwMDZwAwZAIwRrEAdYBcRU46Pold
+w4VjUGnGsYEUqlsjrmn4awY01YGWknPaX5sTAI3hTuA32eOUAjA1dSANAAyO+icj
+1ZiPZUGFjaMdkEu6Y/Ge8aueAUItNj9eF0ahlgZEnSlhHrswoZo=
+-----END CERTIFICATE-----
+
+-----BEGIN CERTIFICATE-----
+MIIEVjCCAj6gAwIBAgIQY5WTY8JOcIJxWRi/w9ftVjANBgkqhkiG9w0BAQsFADBP
+MQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJuZXQgU2VjdXJpdHkgUmVzZWFy
+Y2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBYMTAeFw0yNDAzMTMwMDAwMDBa
+Fw0yNzAzMTIyMzU5NTlaMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBF
+bmNyeXB0MQswCQYDVQQDEwJFODB2MBAGByqGSM49AgEGBSuBBAAiA2IABNFl8l7c
+S7QMApzSsvru6WyrOq44ofTUOTIzxULUzDMMNMchIJBwXOhiLxxxs0LXeb5GDcHb
+R6EToMffgSZjO9SNHfY9gjMy9vQr5/WWOrQTZxh7az6NSNnq3u2ubT6HTKOB+DCB
+9TAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMB
+MBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFI8NE6L2Ln7RUGwzGDhdWY4j
+cpHKMB8GA1UdIwQYMBaAFHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEB
+BCYwJDAiBggrBgEFBQcwAoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzATBgNVHSAE
+DDAKMAgGBmeBDAECATAnBgNVHR8EIDAeMBygGqAYhhZodHRwOi8veDEuYy5sZW5j
+ci5vcmcvMA0GCSqGSIb3DQEBCwUAA4ICAQBnE0hGINKsCYWi0Xx1ygxD5qihEjZ0
+RI3tTZz1wuATH3ZwYPIp97kWEayanD1j0cDhIYzy4CkDo2jB8D5t0a6zZWzlr98d
+AQFNh8uKJkIHdLShy+nUyeZxc5bNeMp1Lu0gSzE4McqfmNMvIpeiwWSYO9w82Ob8
+otvXcO2JUYi3svHIWRm3+707DUbL51XMcY2iZdlCq4Wa9nbuk3WTU4gr6LY8MzVA
+aDQG2+4U3eJ6qUF10bBnR1uuVyDYs9RhrwucRVnfuDj29CMLTsplM5f5wSV5hUpm
+Uwp/vV7M4w4aGunt74koX71n4EdagCsL/Yk5+mAQU0+tue0JOfAV/R6t1k+Xk9s2
+HMQFeoxppfzAVC04FdG9M+AC2JWxmFSt6BCuh3CEey3fE52Qrj9YM75rtvIjsm/1
+Hl+u//Wqxnu1ZQ4jpa+VpuZiGOlWrqSP9eogdOhCGisnyewWJwRQOqK16wiGyZeR
+xs/Bekw65vwSIaVkBruPiTfMOo0Zh4gVa8/qJgMbJbyrwwG97z/PRgmLKCDl8z3d
+tA0Z7qq7fta0Gl24uyuB05dqI5J1LvAzKuWdIjT1tP8qCoxSE/xpix8hX2dt3h+/
+jujUgFPFZ0EVZ0xSyBNRF3MboGZnYXFUxpNjTWPKpagDHJQmqrAcDmWJnMsFY3jS
+u1igv3OefnWjSQ==
+-----END CERTIFICATE-----
@@ -0,0 +1,5 @@
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEIOqwKQF1VWp3lSiIgD5E1ZNGXf/IlBLwEp8F+YooRiuGoAoGCCqGSM49
+AwEHoUQDQgAE2ZzcFAOjOZKpqt+qEZFEwvn0j5S4iw7N1c+nz3WAViKJDyhvlKgE
+uFo3110BD8KhnqHn9G+XpQe3YOho8DoSYg==
+-----END EC PRIVATE KEY-----
@@ -0,0 +1,4 @@
+certpath: mstored.crt
+keypath: mstored.key
+
+
@@ -7,16 +7,14 @@
 * Distribution of this work is permitted, but commercial use and
 * modifications are strictly prohibited.
 */
-package uuid
+package auxuuid

 import (
 	"github.com/google/uuid"
 )

-type UUID string
+const ZeroUUID string = "00000000-0000-0000-0000-000000000000"

-const ZeroUUID UUID = "00000000-0000-0000-0000-000000000000"
-
-func NewUUID() UUID {
-	return UUID(uuid.New().String())
+func NewUUID() string {
+	return uuid.New().String()
 }
@@ -17,12 +17,11 @@ import (
 	"mstore/app/handler"
 	"mstore/app/operator"
 	"mstore/pkg/descr"
-	"mstore/pkg/auxid"
 )

-func (cli *Client) CreateAccount(ctx context.Context, hosturi, username, password string) (uint64, error) {
+func (cli *Client) CreateAccount(ctx context.Context, hosturi, username, password string) (string, error) {
 	var err error
-	var res uint64
+	var res string

 	apiuri, err := setApiPath(hosturi, "/v3/api/account/create")
 	if err != nil {
@@ -54,7 +53,7 @@ func (cli *Client) CreateAccount(ctx context.Context, hosturi, username, passwor
 	return res, err
 }

-func (cli *Client) GetAccountByID(ctx context.Context, hosturi string, id uint64) (*descr.AccountShort, error) {
+func (cli *Client) GetAccountByID(ctx context.Context, hosturi, accountID string) (*descr.AccountShort, error) {
 	var err error
 	res := &descr.AccountShort{}

@@ -64,7 +63,7 @@ func (cli *Client) GetAccountByID(ctx context.Context, hosturi string, id uint64
 	}

 	operParams := operator.GetAccountParams{
-		AccountID: id,
+		AccountID: accountID,
 	}
 	paramsJson, err := json.Marshal(operParams)
 	if err != nil {
@@ -121,7 +120,7 @@ func (cli *Client) GetAccountByName(ctx context.Context, hosturi, username strin
 	return res, err
 }

-func (cli *Client) UpdateAccountByID(ctx context.Context, hosturi string, id uint64, newUsername, newPassword string) error {
+func (cli *Client) UpdateAccountByID(ctx context.Context, hosturi string, accountID, newUsername, newPassword string) error {
 	var err error

 	apipath, err := setApiPath(hosturi, "/v3/api/account/update")
@@ -129,7 +128,7 @@ func (cli *Client) UpdateAccountByID(ctx context.Context, hosturi string, id uin
 		return err
 	}
 	operParams := operator.UpdateAccountParams{
-		AccountID:   id,
+		AccountID:   accountID,
 		NewUsername: newUsername,
 		NewPassword: newPassword,
 	}
@@ -215,7 +214,7 @@ func (cli *Client) DeleteAccountByName(ctx context.Context, hosturi, username st
 	return err
 }

-func (cli *Client) DeleteAccountByID(ctx context.Context, hosturi string, id uint64) error {
+func (cli *Client) DeleteAccountByID(ctx context.Context, hosturi, accountID string) error {
 	var err error

 	apipath, err := setApiPath(hosturi, "/v3/api/account/delete")
@@ -223,7 +222,7 @@ func (cli *Client) DeleteAccountByID(ctx context.Context, hosturi string, id uin
 		return err
 	}
 	operParams := operator.DeleteAccountParams{
-		AccountID: id,
+		AccountID: accountID,
 	}
 	paramsJson, err := json.Marshal(operParams)
 	if err != nil {
@@ -23,7 +23,6 @@ import (

 	"mstore/pkg/auxhttp"
 	"mstore/pkg/descr"
-	"mstore/pkg/term"
 )

 func (cli *Client) FileInfo(ctx context.Context, fileuri string) (bool, *descr.File, error) {
@@ -209,7 +208,7 @@ func (cli *Client) DeleteFile(ctx context.Context, fileuri string) error {
 	return err
 }

-func (cli *Client) ListFiles(ctx context.Context, catalogURI string, usePathAs term.PathUsage) ([]descr.File, error) {
+func (cli *Client) ListFiles(ctx context.Context, catalogURI, usePathAs string) ([]descr.File, error) {
 	var err error
 	res := make([]descr.File, 0)

@@ -277,7 +276,7 @@ func (cli *Client) ListFiles(ctx context.Context, catalogURI string, usePathAs t
 	return res, err
 }

-func (cli *Client) ListCollections(ctx context.Context, catalogURI string, usePathAs term.PathUsage) ([]string, error) {
+func (cli *Client) ListCollections(ctx context.Context, catalogURI, usePathAs string) ([]string, error) {
 	var err error
 	res := make([]string, 0)

@@ -346,7 +345,7 @@ func (cli *Client) ListCollections(ctx context.Context, catalogURI string, usePa
 	return res, err
 }

-func (cli *Client) DeleteCollection(ctx context.Context, catalogURI string, usePathAs term.PathUsage, dryRun bool) ([]descr.File, error) {
+func (cli *Client) DeleteCollection(ctx context.Context, catalogURI, usePathAs string, dryRun bool) ([]descr.File, error) {
 	var err error
 	res := make([]descr.File, 0)

@@ -17,13 +17,11 @@ import (
 	"mstore/app/handler"
 	"mstore/app/operator"
 	"mstore/pkg/descr"
-	"mstore/pkg/term"
-	"mstore/pkg/auxid"
 )

-func (cli *Client) CreateGrantByAccountID(ctx context.Context, hosturi string, accountID uint64, right term.Right, pattern string) (uint64, error) {
+func (cli *Client) CreateGrantByAccountID(ctx context.Context, hosturi string, accountID, right, pattern string) (string, error) {
 	var err error
-	var res uint64
+	var res string

 	apiuri, err := setApiPath(hosturi, "/v3/api/grant/create")
 	if err != nil {
@@ -56,9 +54,9 @@ func (cli *Client) CreateGrantByAccountID(ctx context.Context, hosturi string, a
 	return res, err
 }

-func (cli *Client) CreateGrantByUsername(ctx context.Context, hosturi, username string, right term.Right, pattern string) (uint64, error) {
+func (cli *Client) CreateGrantByUsername(ctx context.Context, hosturi, username string, right string, pattern string) (string, error) {
 	var err error
-	var res uint64
+	var res string

 	apiuri, err := setApiPath(hosturi, "/v3/api/grant/create")
 	if err != nil {
@@ -91,7 +89,7 @@ func (cli *Client) CreateGrantByUsername(ctx context.Context, hosturi, username
 	return res, err
 }

-func (cli *Client) GetGrant(ctx context.Context, hosturi string, id uint64) (*descr.Grant, error) {
+func (cli *Client) GetGrant(ctx context.Context, hosturi, grantID string) (*descr.Grant, error) {
 	var err error
 	res := &descr.Grant{}

@@ -100,7 +98,7 @@ func (cli *Client) GetGrant(ctx context.Context, hosturi string, id uint64) (*de
 		return res, err
 	}
 	operParams := operator.GetGrantParams{
-		GrantID: id,
+		GrantID: grantID,
 	}
 	paramsJson, err := json.Marshal(operParams)
 	if err != nil {
@@ -124,7 +122,7 @@ func (cli *Client) GetGrant(ctx context.Context, hosturi string, id uint64) (*de
 	return res, err
 }

-func (cli *Client) UpdateGrant(ctx context.Context, hosturi string, grantID uint64, newPattern string) error {
+func (cli *Client) UpdateGrant(ctx context.Context, hosturi, grantID, newPattern string) error {
 	var err error

 	apipath, err := setApiPath(hosturi, "/v3/api/grant/update")
@@ -155,7 +153,7 @@ func (cli *Client) UpdateGrant(ctx context.Context, hosturi string, grantID uint
 	return err
 }

-func (cli *Client) DeleteGrant(ctx context.Context, hosturi string, grantID uint64) error {
+func (cli *Client) DeleteGrant(ctx context.Context, hosturi, grantID string) error {
 	var err error

 	apipath, err := setApiPath(hosturi, "/v3/api/grant/delete")
@@ -186,7 +184,7 @@ func (cli *Client) DeleteGrant(ctx context.Context, hosturi string, grantID uint
 	return err
 }

-func (cli *Client) ListGrantsByAccountID(ctx context.Context, hosturi string, accountID uint64) ([]descr.Grant, error) {
+func (cli *Client) ListGrantsByAccountID(ctx context.Context, hosturi, accountID string) ([]descr.Grant, error) {
 	var err error
 	res := make([]descr.Grant, 0)

@@ -9,25 +9,24 @@
 */
 package descr

-
 type Account struct {
-	ID        uint64 `json:"id"         db:"id"`
+	ID        string `json:"id"         db:"id"`
 	Username  string `json:"username"   db:"username"`
 	Passhash  string `json:"passhash"   db:"passhash"`
 	Disabled  bool   `json:"disabled"   db:"disabled"`
 	CreatedAt string `json:"createdAt"  db:"created_at"`
 	UpdatedAt string `json:"updatedAt"  db:"updated_at"`
-	CreatedBy uint64 `json:"createdBy"  db:"created_by"`
-	UpdatedBy uint64 `json:"updatedBy"  db:"updated_by"`
+	CreatedBy string `json:"createdBy"  db:"created_by"`
+	UpdatedBy string `json:"updatedBy"  db:"updated_by"`
 }

 type AccountShort struct {
-	ID        uint64 `json:"id"`
+	ID        string  `json:"id"`
 	Username  string  `json:"username"`
 	Disabled  bool    `json:"disabled"`
 	CreatedAt string  `json:"createdAt"`
 	UpdatedAt string  `json:"updatedAt"`
-	CreatedBy uint64 `json:"createdBy"`
-	UpdatedBy uint64 `json:"updatedBy"`
+	CreatedBy string  `json:"createdBy"`
+	UpdatedBy string  `json:"updatedBy"`
 	Grants    []Grant `json:"grants"`
 }
@@ -10,7 +10,7 @@
 package descr

 type Blob struct {
-	ID        uint64 `db:"id"         json:"id"`
+	ID        string `db:"id"         json:"id"`
 	Name      string `db:"name"       json:"name"`
 	Reference string `db:"reference"  json:"reference"`
 	MediaType string `db:"mediaType"  json:"mediaType"`
@@ -18,6 +18,6 @@ type Blob struct {
 	Size      int64  `db:"size"       json:"size"`
 	CreatedAt string `db:"created_at" json:"createdAt"`
 	UpdatedAt string `db:"updated_at" json:"updatedAt"`
-	CreatedBy uint64 `db:"created_by" json:"createdBy,omitempty"`
-	UpdatedBy uint64 `db:"updated_by" json:"updatedBy,omitempty"`
+	CreatedBy string `db:"created_by" json:"createdBy,omitempty"`
+	UpdatedBy string `db:"updated_by" json:"updatedBy,omitempty"`
 }
@@ -10,7 +10,7 @@
 package descr

 type File struct {
-	ID         uint64 `db:"id"          json:"id,omitempty"         yaml:"id,omitempty"`
+	ID         string `db:"id"          json:"id,omitempty"         yaml:"id,omitempty"`
 	Collection string `db:"collection"  json:"collection,omitempty" yaml:"collection,omitempty"`
 	Name       string `db:"name"        json:"name,omitempty"       yaml:"name,omitempty"`
 	Type       string `db:"type"        json:"type,omitempty"       yaml:"type,omitempty"`
@@ -18,6 +18,6 @@ type File struct {
 	Size       int64  `db:"size"        json:"size,omitempty"       yaml:"size,omitempty"`
 	CreatedAt  string `db:"created_at"  json:"createdAt,omitempty"  yaml:"createdAt,omitempty"`
 	UpdatedAt  string `db:"updated_at"  json:"updatedAt,omitempty"  yaml:"updatedAt,omitempty"`
-	CreatedBy  uint64 `db:"created_by"  json:"createdBy,omitempty"  yaml:"createdBy,omitempty"`
-	UpdatedBy  uint64 `db:"updated_by"  json:"updatedBy,omitempty"  yaml:"updatedBy,omitempty"`
+	CreatedBy  string `db:"created_by"  json:"createdBy,omitempty"  yaml:"createdBy,omitempty"`
+	UpdatedBy  string `db:"updated_by"  json:"updatedBy,omitempty"  yaml:"updatedBy,omitempty"`
 }
@@ -10,17 +10,13 @@

 package descr

-import (
-	"mstore/pkg/term"
-)
-
 type Grant struct {
-	ID        uint64  `json:"id"         db:"id"`
-	AccountID uint64  `json:"accountID"  db:"account_id"`
-	Right     term.Right `json:"right"  db:"right"`
+	ID        string `json:"id"         db:"id"`
+	AccountID string `json:"accountID"  db:"account_id"`
+	Right     string `json:"right"  db:"right"`
 	Pattern   string `json:"pattern"    db:"pattern"`
 	CreatedAt string `json:"createdAt"  db:"created_at"`
 	UpdatedAt string `json:"updatedAt"  db:"updated_at"`
-	CreatedBy uint64  `json:"createdBy"  db:"created_by"`
-	UpdatedBy uint64  `json:"updatedBy"  db:"updated_by"`
+	CreatedBy string `json:"createdBy"  db:"created_by"`
+	UpdatedBy string `json:"updatedBy"  db:"updated_by"`
 }
@@ -10,7 +10,7 @@
 package descr

 type Manifest struct {
-	ID          uint64 `db:"id"          json:"id"`
+	ID          string `db:"id"          json:"id"`
 	Name        string `db:"name"        json:"name"`
 	Reference   string `db:"reference"   json:"reference"`
 	ContentType string `db:"contentType" json:"contentType"`
@@ -18,8 +18,8 @@ type Manifest struct {
 	Digest      string `db:"digest"      json:"digest"`
 	CreatedAt   string `db:"created_at"  json:"createdAt"`
 	UpdatedAt   string `db:"updated_at"  json:"updatedAt"`
-	CreatedBy   uint64 `db:"created_by"  json:"createdBy,omitempty"`
-	UpdatedBy   uint64 `db:"updated_by"  json:"updatedBy,omitempty"`
+	CreatedBy   string `db:"created_by"  json:"createdBy,omitempty"`
+	UpdatedBy   string `db:"updated_by"  json:"updatedBy,omitempty"`
 }

 type Tags struct {
@@ -11,34 +11,30 @@
 package term

 import (
-	//"mstore/pkg/auxid"
+//"mstore/pkg/auxuuid"
 )

-type PathUsage string
-
 const (
-	AsFinePath PathUsage = "asFinePath"
-	AsPrefix   PathUsage = "asPrefix"
-	AsRegexp   PathUsage = "asRegexp"
+	AsFinePath string = "asFinePath"
+	AsPrefix   string = "asPrefix"
+	AsRegexp   string = "asRegexp"
 )

 const (
 	AnonimousUsername string = "anonymous"
-	AnonymousID       uint64 = 1
+	AnonymousID       string = "0000000-0000-0000-0000-000000000001"
 	ServerUsername    string = "server"
-	ServerID          uint64 = 2
+	ServerID          string = "0000000-0000-0000-0000-000000000002"
 	InitUsername      string = "mstore"
-	InitID            uint64 = 5
+	InitID            string = "0000000-0000-0000-0000-000000000005"
 )

-type Right string
-
 const (
 	// Accounts, grants
-	RightReadAccounts  Right = "readAccounts"  // GetAccount, ListAccounts
-	RightWriteAccounts Right = "writeAccounts" // CreateAccount, UpdateAccount, DeleteAccount
-	RightWriteFiles    Right = "writeFiles"    // FileInfo, GetFile, ListFiles
-	RightReadFiles     Right = "readFiles"     // PutFile, DeleteFile
-	RightReadImages    Right = "readImages"    // ManifestInfo, GetManifest, BlobInfo, GetBlob
-	RightWriteImages   Right = "writeImages"   // other opearion
+	RightReadAccounts  string = "readAccounts"  // GetAccount, ListAccounts
+	RightWriteAccounts string = "writeAccounts" // CreateAccount, UpdateAccount, DeleteAccount
+	RightWriteFiles    string = "writeFiles"    // FileInfo, GetFile, ListFiles
+	RightReadFiles     string = "readFiles"     // PutFile, DeleteFile
+	RightReadImages    string = "readImages"    // ManifestInfo, GetManifest, BlobInfo, GetBlob
+	RightWriteImages   string = "writeImages"   // other opearion
 )
@@ -17,9 +17,9 @@ import (
 	"time"

 	"mstore/app/server"
+	"mstore/pkg/auxuuid"
 	"mstore/pkg/client"
 	"mstore/pkg/term"
-	"mstore/pkg/auxid"

 	"github.com/stretchr/testify/require"