fixed doc env vars + mongo v2 migration

api/server/go.mod

@@ -29,7 +29,7 @@ require (
 	github.com/tech/sendico/pkg v0.1.0
 	github.com/testcontainers/testcontainers-go v0.33.0
 	github.com/testcontainers/testcontainers-go/modules/mongodb v0.33.0
-	go.mongodb.org/mongo-driver v1.17.8
+	go.mongodb.org/mongo-driver/v2 v2.5.0
 	go.uber.org/zap v1.27.1
 	golang.org/x/net v0.49.0
 	google.golang.org/grpc v1.78.0
@@ -64,7 +64,7 @@ require (
 	github.com/aws/aws-sdk-go-v2/service/sts v1.41.6 // indirect
 	github.com/aws/smithy-go v1.24.0 // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
-	github.com/casbin/mongodb-adapter/v3 v3.7.0 // indirect
+	github.com/casbin/mongodb-adapter/v4 v4.3.0 // indirect
 	github.com/cenkalti/backoff/v4 v4.3.0 // indirect
 	github.com/cespare/xxhash/v2 v2.3.0 // indirect
 	github.com/containerd/log v0.1.0 // indirect
@@ -83,7 +83,6 @@ require (
 	github.com/go-ole/go-ole v1.3.0 // indirect
 	github.com/goccy/go-json v0.10.5 // indirect
 	github.com/gogo/protobuf v1.3.2 // indirect
-	github.com/golang/snappy v1.0.0 // indirect
 	github.com/grpc-ecosystem/grpc-gateway/v2 v2.27.2 // indirect
 	github.com/klauspost/compress v1.18.3 // indirect
 	github.com/lestrrat-go/blackmagic v1.0.4 // indirect
@@ -102,7 +101,6 @@ require (
 	github.com/moby/sys/user v0.3.0 // indirect
 	github.com/moby/sys/userns v0.1.0 // indirect
 	github.com/moby/term v0.5.0 // indirect
-	github.com/montanaflynn/stats v0.7.1 // indirect
 	github.com/morikuni/aec v1.0.0 // indirect
 	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
 	github.com/nats-io/nats.go v1.48.0 // indirect

api/server/go.sum

@@ -55,8 +55,8 @@ github.com/casbin/casbin/v2 v2.135.0/go.mod h1:FmcfntdXLTcYXv/hxgNntcRPqAbwOG9xs
 github.com/casbin/govaluate v1.3.0/go.mod h1:G/UnbIjZk/0uMNaLwZZmFQrR72tYRZWQkO70si/iR7A=
 github.com/casbin/govaluate v1.10.0 h1:ffGw51/hYH3w3rZcxO/KcaUIDOLP84w7nsidMVgaDG0=
 github.com/casbin/govaluate v1.10.0/go.mod h1:G/UnbIjZk/0uMNaLwZZmFQrR72tYRZWQkO70si/iR7A=
-github.com/casbin/mongodb-adapter/v3 v3.7.0 h1:w9c3bea1BGK4eZTAmk17JkY52yv/xSZDSHKji8q+z6E=
-github.com/casbin/mongodb-adapter/v3 v3.7.0/go.mod h1:F1mu4ojoJVE/8VhIMxMedhjfwRDdIXgANYs6Sd0MgVA=
+github.com/casbin/mongodb-adapter/v4 v4.3.0 h1:yYXky9v1by6vj/0QK7OyHyd/xpz4vzh0lCi7JKrS4qQ=
+github.com/casbin/mongodb-adapter/v4 v4.3.0/go.mod h1:bOTSYZUjX7I9E0ExEvgq46m3mcDNRII7g8iWjrM1BHE=
 github.com/cenkalti/backoff/v4 v4.3.0 h1:MyRJ/UdXutAwSAT+s3wNd7MfTIcy71VQueUuFK343L8=
 github.com/cenkalti/backoff/v4 v4.3.0/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE=
 github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs=
@@ -252,6 +252,8 @@ github.com/yusufpapurcu/wmi v1.2.4 h1:zFUKzehAFReQwLys1b/iSMl+JQGSCSjtVqQn9bBrPo
 github.com/yusufpapurcu/wmi v1.2.4/go.mod h1:SBZ9tNy3G9/m5Oi98Zks0QjeHVDvuK0qfxQmPyzfmi0=
 go.mongodb.org/mongo-driver v1.17.8 h1:BDP3+U3Y8K0vTrpqDJIRaXNhb/bKyoVeg6tIJsW5EhM=
 go.mongodb.org/mongo-driver v1.17.8/go.mod h1:LlOhpH5NUEfhxcAwG0UEkMqwYcc4JU18gtCdGudk/tQ=
+go.mongodb.org/mongo-driver/v2 v2.5.0 h1:yXUhImUjjAInNcpTcAlPHiT7bIXhshCTL3jVBkF3xaE=
+go.mongodb.org/mongo-driver/v2 v2.5.0/go.mod h1:yOI9kBsufol30iFsl1slpdq1I0eHPzybRWdyYUs8K/0=
 go.opentelemetry.io/auto/sdk v1.2.1 h1:jXsnJ4Lmnqd11kwkBV2LgLoFMZKizbCi5fNZ/ipaZ64=
 go.opentelemetry.io/auto/sdk v1.2.1/go.mod h1:KRTj+aOaElaLi+wW1kO/DZRXwkF4C5xPbEe3ZiIhN7Y=
 go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.56.0 h1:UP6IpuHFkUgOQL9FFQFrZ+5LiwhhYRbi7VZSIx6Nj5s=

api/server/interface/accountservice/internal/service.go

@@ -20,7 +20,7 @@ import (
 	"github.com/tech/sendico/pkg/mutil/mzap"
 	"github.com/tech/sendico/server/interface/middleware"
 	"github.com/tech/sendico/server/internal/mutil/flrstring"
-	"go.mongodb.org/mongo-driver/bson/primitive"
+	"go.mongodb.org/mongo-driver/v2/bson"
 	"go.uber.org/zap"
 )
 
@@ -120,7 +120,7 @@ func (s *service) CreateAccount(
 	ctx context.Context,
 	org *model.Organization,
 	acct *model.Account,
-	roleDescID primitive.ObjectID,
+	roleDescID bson.ObjectID,
 ) error {
 	if org == nil {
 		return merrors.InvalidArgument("Organization must not be nil")
@@ -128,7 +128,7 @@ func (s *service) CreateAccount(
 	if acct == nil || len(acct.Login) == 0 {
 		return merrors.InvalidArgument("Account must have a non-empty login")
 	}
-	if roleDescID == primitive.NilObjectID {
+	if roleDescID == bson.NilObjectID {
 		return merrors.InvalidArgument("Role description must be provided")
 	}
 	// 1) Create the account
@@ -152,7 +152,7 @@ func (s *service) CreateAccount(
 func (s *service) DeleteAccount(
 	ctx context.Context,
 	org *model.Organization,
-	accountRef primitive.ObjectID,
+	accountRef bson.ObjectID,
 ) error {
 	// Check if this is the only member in the organization
 	if len(org.Members) <= 1 {
@@ -178,7 +178,7 @@ func (s *service) DeleteAccount(
 func (s *service) RemoveAccountFromOrganization(
 	ctx context.Context,
 	org *model.Organization,
-	accountRef primitive.ObjectID,
+	accountRef bson.ObjectID,
 ) error {
 	if org == nil {
 		return merrors.InvalidArgument("Organization must not be nil")
@@ -233,7 +233,7 @@ func (s *service) JoinOrganization(
 	ctx context.Context,
 	org *model.Organization,
 	account *model.Account,
-	roleDescID primitive.ObjectID,
+	roleDescID bson.ObjectID,
 ) error {
 	if slices.Contains(org.Members, account.ID) {
 		s.logger.Debug("Account is already a member", mzap.StorableRef(org), mzap.StorableRef(account))
@@ -260,7 +260,7 @@ func (s *service) JoinOrganization(
 	return nil
 }
 
-func (s *service) deleteOrganizationRoles(ctx context.Context, orgRef primitive.ObjectID) error {
+func (s *service) deleteOrganizationRoles(ctx context.Context, orgRef bson.ObjectID) error {
 	s.logger.Info("Deleting roles for organization", mzap.ObjRef("organization_ref", orgRef))
 
 	// Get all roles for the organization
@@ -282,7 +282,7 @@ func (s *service) deleteOrganizationRoles(ctx context.Context, orgRef primitive.
 	return nil
 }
 
-func (s *service) deleteOrganizationPolicies(ctx context.Context, orgRef primitive.ObjectID) error {
+func (s *service) deleteOrganizationPolicies(ctx context.Context, orgRef bson.ObjectID) error {
 	s.logger.Info("Deleting policies for organization", mzap.ObjRef("organization_ref", orgRef))
 
 	// Get all policies for the organization
@@ -323,7 +323,7 @@ func (s *service) DeleteOrganization(
 		}
 
 		// 10. Finally, delete the organization itself
-		if err := s.orgDB.Delete(ctx, primitive.NilObjectID, org.ID); err != nil {
+		if err := s.orgDB.Delete(ctx, bson.NilObjectID, org.ID); err != nil {
 			s.logger.Warn("Failed to delete organization", zap.Error(err), mzap.StorableRef(org))
 			return nil, err
 		}
@@ -342,7 +342,7 @@ func (s *service) DeleteOrganization(
 func (s *service) DeleteAll(
 	ctx context.Context,
 	org *model.Organization,
-	accountRef primitive.ObjectID,
+	accountRef bson.ObjectID,
 ) error {
 	s.logger.Info("Starting complete deletion (organization + account)",
 		mzap.StorableRef(org), mzap.ObjRef("account_ref", accountRef))

api/server/interface/accountservice/internal/service_deletion_test.go

@@ -3,23 +3,23 @@ package accountserviceimp
 import (
 	"testing"
 
-	"github.com/tech/sendico/pkg/merrors"
-	"github.com/tech/sendico/pkg/model"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
-	"go.mongodb.org/mongo-driver/bson/primitive"
+	"github.com/tech/sendico/pkg/merrors"
+	"github.com/tech/sendico/pkg/model"
+	"go.mongodb.org/mongo-driver/v2/bson"
 )
 
 func TestDeleteAccount_Validation(t *testing.T) {
 	t.Run("DeleteAccount_LastMemberFails", func(t *testing.T) {
-		orgID := primitive.NewObjectID()
-		accountID := primitive.NewObjectID()
+		orgID := bson.NewObjectID()
+		accountID := bson.NewObjectID()
 
 		org := &model.Organization{
 			OrganizationBase: model.OrganizationBase{
 				Describable: model.Describable{Name: "Single Member Org"},
 			},
-			Members: []primitive.ObjectID{accountID}, // Only one member
+			Members: []bson.ObjectID{accountID}, // Only one member
 		}
 		org.ID = orgID
 
@@ -30,15 +30,15 @@ func TestDeleteAccount_Validation(t *testing.T) {
 	})
 
 	t.Run("DeleteAccount_MultipleMembersSuccess", func(t *testing.T) {
-		orgID := primitive.NewObjectID()
-		accountID := primitive.NewObjectID()
-		otherAccountID := primitive.NewObjectID()
+		orgID := bson.NewObjectID()
+		accountID := bson.NewObjectID()
+		otherAccountID := bson.NewObjectID()
 
 		org := &model.Organization{
 			OrganizationBase: model.OrganizationBase{
 				Describable: model.Describable{Name: "Multi Member Org"},
 			},
-			Members: []primitive.ObjectID{accountID, otherAccountID}, // Multiple members
+			Members: []bson.ObjectID{accountID, otherAccountID}, // Multiple members
 		}
 		org.ID = orgID
 
@@ -48,13 +48,13 @@ func TestDeleteAccount_Validation(t *testing.T) {
 	})
 
 	t.Run("DeleteAccount_EmptyMembersList", func(t *testing.T) {
-		orgID := primitive.NewObjectID()
+		orgID := bson.NewObjectID()
 
 		org := &model.Organization{
 			OrganizationBase: model.OrganizationBase{
 				Describable: model.Describable{Name: "Empty Org"},
 			},
-			Members: []primitive.ObjectID{}, // No members
+			Members: []bson.ObjectID{}, // No members
 		}
 		org.ID = orgID
 
@@ -85,7 +85,7 @@ func TestDeleteOrganization_Validation(t *testing.T) {
 				Describable: model.Describable{Name: "Valid Organization"},
 			},
 		}
-		org.ID = primitive.NewObjectID()
+		org.ID = bson.NewObjectID()
 
 		err := validateDeleteOrganization(org)
 		require.NoError(t, err)
@@ -94,7 +94,7 @@ func TestDeleteOrganization_Validation(t *testing.T) {
 
 func TestDeleteAll_Validation(t *testing.T) {
 	t.Run("DeleteAll_NilOrganization", func(t *testing.T) {
-		accountID := primitive.NewObjectID()
+		accountID := bson.NewObjectID()
 		err := validateDeleteAll(nil, accountID)
 		require.Error(t, err)
 		assert.Contains(t, err.Error(), "organization cannot be nil")
@@ -106,9 +106,9 @@ func TestDeleteAll_Validation(t *testing.T) {
 				Describable: model.Describable{Name: "Valid Organization"},
 			},
 		}
-		org.ID = primitive.NewObjectID()
+		org.ID = bson.NewObjectID()
 
-		err := validateDeleteAll(org, primitive.NilObjectID)
+		err := validateDeleteAll(org, bson.NilObjectID)
 		require.Error(t, err)
 		assert.Contains(t, err.Error(), "account ID cannot be empty")
 	})
@@ -119,8 +119,8 @@ func TestDeleteAll_Validation(t *testing.T) {
 				Describable: model.Describable{Name: "Valid Organization"},
 			},
 		}
-		org.ID = primitive.NewObjectID()
-		accountID := primitive.NewObjectID()
+		org.ID = bson.NewObjectID()
+		accountID := bson.NewObjectID()
 
 		err := validateDeleteAll(org, accountID)
 		require.NoError(t, err)
@@ -139,17 +139,17 @@ func validateDeleteOrganization(org *model.Organization) error {
 	if org == nil {
 		return merrors.InvalidArgument("organization cannot be nil")
 	}
-	if org.ID == primitive.NilObjectID {
+	if org.ID == bson.NilObjectID {
 		return merrors.InvalidArgument("organization ID cannot be empty")
 	}
 	return nil
 }
 
-func validateDeleteAll(org *model.Organization, accountRef primitive.ObjectID) error {
+func validateDeleteAll(org *model.Organization, accountRef bson.ObjectID) error {
 	if org == nil {
 		return merrors.InvalidArgument("organization cannot be nil")
 	}
-	if accountRef == primitive.NilObjectID {
+	if accountRef == bson.NilObjectID {
 		return merrors.InvalidArgument("account ID cannot be empty")
 	}
 	return nil

api/server/interface/accountservice/types.go

@@ -10,7 +10,7 @@ import (
 	"github.com/tech/sendico/pkg/model"
 	accountserviceimp "github.com/tech/sendico/server/interface/accountservice/internal"
 	"github.com/tech/sendico/server/interface/middleware"
-	"go.mongodb.org/mongo-driver/bson/primitive"
+	"go.mongodb.org/mongo-driver/v2/bson"
 )
 
 // AccountService defines all account-related workflows.
@@ -45,14 +45,14 @@ type AccountService interface {
 		ctx context.Context,
 		org *model.Organization,
 		acct *model.Account,
-		roleDescID primitive.ObjectID,
+		roleDescID bson.ObjectID,
 	) error
 
 	JoinOrganization(
 		ctx context.Context,
 		org *model.Organization,
 		acct *model.Account,
-		roleDescID primitive.ObjectID,
+		roleDescID bson.ObjectID,
 	) error
 
 	UpdateLogin(
@@ -65,14 +65,14 @@ type AccountService interface {
 	DeleteAccount(
 		ctx context.Context,
 		org *model.Organization,
-		accountRef primitive.ObjectID,
+		accountRef bson.ObjectID,
 	) error
 
 	// RemoveAccountFromOrganization just drops it from the member slice.
 	RemoveAccountFromOrganization(
 		ctx context.Context,
 		org *model.Organization,
-		accountRef primitive.ObjectID,
+		accountRef bson.ObjectID,
 	) error
 
 	DeleteOrganization(
@@ -84,7 +84,7 @@ type AccountService interface {
 	DeleteAll(
 		ctx context.Context,
 		org *model.Organization,
-		accountRef primitive.ObjectID,
+		accountRef bson.ObjectID,
 	) error
 }
 

api/server/interface/api/srequest/changepolicies.go

@@ -2,11 +2,11 @@ package srequest
 
 import (
 	"github.com/tech/sendico/pkg/model"
-	"go.mongodb.org/mongo-driver/bson/primitive"
+	"go.mongodb.org/mongo-driver/v2/bson"
 )
 
 type ChangePolicies struct {
-	RoleRef primitive.ObjectID  `json:"roleRef"`
+	RoleRef bson.ObjectID       `json:"roleRef"`
 	Add     *[]model.RolePolicy `json:"add,omitempty"`
 	Remove  *[]model.RolePolicy `json:"remove,omitempty"`
 }

api/server/interface/api/srequest/changerole.go

@@ -1,8 +1,8 @@
 package srequest
 
-import "go.mongodb.org/mongo-driver/bson/primitive"
+import "go.mongodb.org/mongo-driver/v2/bson"
 
 type ChangeRole struct {
-	AccountRef            primitive.ObjectID `json:"accountRef"`
-	NewRoleDescriptionRef primitive.ObjectID `json:"newRoleDescriptionRef"`
+	AccountRef            bson.ObjectID `json:"accountRef"`
+	NewRoleDescriptionRef bson.ObjectID `json:"newRoleDescriptionRef"`
 }

api/server/interface/api/srequest/file.go

@@ -1,7 +1,7 @@
 package srequest
 
-import "go.mongodb.org/mongo-driver/bson/primitive"
+import "go.mongodb.org/mongo-driver/v2/bson"
 
 type FileUpload struct {
-	ObjRef primitive.ObjectID `json:"objRef"`
+	ObjRef bson.ObjectID `json:"objRef"`
 }

api/server/interface/api/srequest/ledger.go

@@ -6,7 +6,7 @@ import (
 	"github.com/tech/sendico/pkg/ledgerconv"
 	"github.com/tech/sendico/pkg/merrors"
 	"github.com/tech/sendico/pkg/model"
-	"go.mongodb.org/mongo-driver/bson/primitive"
+	"go.mongodb.org/mongo-driver/v2/bson"
 )
 
 type LedgerAccountType string
@@ -28,13 +28,13 @@ const (
 )
 
 type CreateLedgerAccount struct {
-	AccountType   LedgerAccountType   `json:"accountType"`
-	Currency      string              `json:"currency"`
-	AllowNegative bool                `json:"allowNegative,omitempty"`
-	Role          model.AccountRole   `json:"role"`
-	Describable   model.Describable   `json:"describable"`
-	OwnerRef      *primitive.ObjectID `json:"ownerRef,omitempty"`
-	Metadata      map[string]string   `json:"metadata,omitempty"`
+	AccountType   LedgerAccountType `json:"accountType"`
+	Currency      string            `json:"currency"`
+	AllowNegative bool              `json:"allowNegative,omitempty"`
+	Role          model.AccountRole `json:"role"`
+	Describable   model.Describable `json:"describable"`
+	OwnerRef      *bson.ObjectID    `json:"ownerRef,omitempty"`
+	Metadata      map[string]string `json:"metadata,omitempty"`
 }
 
 func (r *CreateLedgerAccount) Validate() error {

api/server/interface/api/srequest/reorder.go

@@ -1,19 +1,19 @@
 package srequest
 
-import "go.mongodb.org/mongo-driver/bson/primitive"
+import "go.mongodb.org/mongo-driver/v2/bson"
 
 type Reorder struct {
-	ParentRef primitive.ObjectID `json:"parentRef"`
-	From      int                `json:"from"`
-	To        int                `json:"to"`
+	ParentRef bson.ObjectID `json:"parentRef"`
+	From      int           `json:"from"`
+	To        int           `json:"to"`
 }
 
 type ReorderX struct {
-	ObjectRef primitive.ObjectID `json:"objectRef"`
-	To        int                `json:"to"`
+	ObjectRef bson.ObjectID `json:"objectRef"`
+	To        int           `json:"to"`
 }
 
 type ReorderXDefault struct {
 	ReorderX  `json:",inline"`
-	ParentRef primitive.ObjectID `json:"parentRef"`
+	ParentRef bson.ObjectID `json:"parentRef"`
 }

api/server/interface/api/srequest/sgchange.go

@@ -1,13 +1,13 @@
 package srequest
 
-import "go.mongodb.org/mongo-driver/bson/primitive"
+import "go.mongodb.org/mongo-driver/v2/bson"
 
 type GroupItemChange struct {
-	GroupRef primitive.ObjectID `json:"groupRef"`
-	ItemRef  primitive.ObjectID `json:"itemRef"`
+	GroupRef bson.ObjectID `json:"groupRef"`
+	ItemRef  bson.ObjectID `json:"itemRef"`
 }
 
 type RemoveItemFromGroup struct {
 	GroupItemChange `json:",inline"`
-	TargetItemRef   primitive.ObjectID `json:"targetItemRef"`
+	TargetItemRef   bson.ObjectID `json:"targetItemRef"`
 }

api/server/interface/api/srequest/taggable.go

@@ -1,20 +1,20 @@
 package srequest
 
-import "go.mongodb.org/mongo-driver/bson/primitive"
+import "go.mongodb.org/mongo-driver/v2/bson"
 
 // TaggableSingle is used for single tag operations (add/remove tag)
 type TaggableSingle struct {
-	ObjectRef primitive.ObjectID `json:"objectRef"`
-	TagRef    primitive.ObjectID `json:"tagRef"`
+	ObjectRef bson.ObjectID `json:"objectRef"`
+	TagRef    bson.ObjectID `json:"tagRef"`
 }
 
 // TaggableMultiple is used for multiple tag operations (add tags, set tags)
 type TaggableMultiple struct {
-	ObjectRef primitive.ObjectID   `json:"objectRef"`
-	TagRefs   []primitive.ObjectID `json:"tagRefs"`
+	ObjectRef bson.ObjectID   `json:"objectRef"`
+	TagRefs   []bson.ObjectID `json:"tagRefs"`
 }
 
 // TaggableObject is used for object-only operations (remove all tags, get tags)
 type TaggableObject struct {
-	ObjectRef primitive.ObjectID `json:"objectRef"`
+	ObjectRef bson.ObjectID `json:"objectRef"`
 }

api/server/interface/api/srequest/wallet.go

@@ -2,11 +2,11 @@ package srequest
 
 import (
 	"github.com/tech/sendico/pkg/model"
-	"go.mongodb.org/mongo-driver/bson/primitive"
+	"go.mongodb.org/mongo-driver/v2/bson"
 )
 
 type CreateWallet struct {
 	Description model.Describable   `json:"description"`
 	Asset       model.ChainAssetKey `json:"asset"`
-	OwnerRef    *primitive.ObjectID `json:"ownerRef,omitempty"`
+	OwnerRef    *bson.ObjectID      `json:"ownerRef,omitempty"`
 }

api/server/interface/api/sresponse/account.go

@@ -6,7 +6,7 @@ import (
 	"github.com/tech/sendico/pkg/api/http/response"
 	"github.com/tech/sendico/pkg/mlogger"
 	"github.com/tech/sendico/pkg/model"
-	"go.mongodb.org/mongo-driver/bson/primitive"
+	"go.mongodb.org/mongo-driver/v2/bson"
 )
 
 type accountData struct {
@@ -26,7 +26,7 @@ func _createAccount(account *model.Account, isAnonymous bool) *accountData {
 	}
 }
 
-func _toAccount(account *model.Account, orgRef primitive.ObjectID) *accountData {
+func _toAccount(account *model.Account, orgRef bson.ObjectID) *accountData {
 	return _createAccount(account, model.AccountIsAnonymous(&account.UserDataBase, orgRef))
 }
 
@@ -45,7 +45,7 @@ type accountsResponse struct {
 	Accounts     []accountData `json:"accounts"`
 }
 
-func Accounts(logger mlogger.Logger, accounts []model.Account, orgRef primitive.ObjectID, accessToken *TokenData) http.HandlerFunc {
+func Accounts(logger mlogger.Logger, accounts []model.Account, orgRef bson.ObjectID, accessToken *TokenData) http.HandlerFunc {
 	// Convert each account to its public representation.
 	publicAccounts := make([]accountData, len(accounts))
 	for i, a := range accounts {

api/server/interface/model/token.go

@@ -8,11 +8,11 @@ import (
 	"github.com/tech/sendico/pkg/model"
 	mduration "github.com/tech/sendico/pkg/mutil/duration"
 	"github.com/tech/sendico/server/interface/middleware"
-	"go.mongodb.org/mongo-driver/bson/primitive"
+	"go.mongodb.org/mongo-driver/v2/bson"
 )
 
 type AccountToken struct {
-	AccountRef primitive.ObjectID
+	AccountRef bson.ObjectID
 	Login      string
 	Name       string
 	Locale     string
@@ -56,7 +56,7 @@ func Claims2Token(claims middleware.MapClaims) (*AccountToken, error) {
 	if account, err = getTokenParam(claims, paramNameID); err != nil {
 		return nil, err
 	}
-	if at.AccountRef, err = primitive.ObjectIDFromHex(account); err != nil {
+	if at.AccountRef, err = bson.ObjectIDFromHex(account); err != nil {
 		return nil, err
 	}
 	if at.Login, err = getTokenParam(claims, paramNameLogin); err != nil {

api/server/internal/mutil/param/getter.go

@@ -7,7 +7,7 @@ import (
 	"github.com/go-chi/chi/v5"
 	"github.com/tech/sendico/pkg/mlogger"
 	"github.com/tech/sendico/pkg/model"
-	"go.mongodb.org/mongo-driver/bson/primitive"
+	"go.mongodb.org/mongo-driver/v2/bson"
 	"go.uber.org/zap"
 )
 
@@ -31,32 +31,32 @@ func GetOrganizationID(r *http.Request) string {
 	return GetParam(r, OrganizationRefName())
 }
 
-func GetOrganizationRef(r *http.Request) (primitive.ObjectID, error) {
-	return primitive.ObjectIDFromHex(GetOrganizationID(r))
+func GetOrganizationRef(r *http.Request) (bson.ObjectID, error) {
+	return bson.ObjectIDFromHex(GetOrganizationID(r))
 }
 
 func GetStatusID(r *http.Request) string {
 	return GetParam(r, OrganizationRefName())
 }
 
-func GetStatusRef(r *http.Request) (primitive.ObjectID, error) {
-	return primitive.ObjectIDFromHex(GetStatusID(r))
+func GetStatusRef(r *http.Request) (bson.ObjectID, error) {
+	return bson.ObjectIDFromHex(GetStatusID(r))
 }
 
 func GetProjectID(r *http.Request) string {
 	return GetParam(r, ProjectRefName())
 }
 
-func GetProjectRef(r *http.Request) (primitive.ObjectID, error) {
-	return primitive.ObjectIDFromHex(GetProjectID(r))
+func GetProjectRef(r *http.Request) (bson.ObjectID, error) {
+	return bson.ObjectIDFromHex(GetProjectID(r))
 }
 
 func GetInvitationID(r *http.Request) string {
 	return GetParam(r, InvitationRefName())
 }
 
-func GetInvitationRef(r *http.Request) (primitive.ObjectID, error) {
-	return primitive.ObjectIDFromHex(GetOrganizationID(r))
+func GetInvitationRef(r *http.Request) (bson.ObjectID, error) {
+	return bson.ObjectIDFromHex(GetOrganizationID(r))
 }
 
 func GetToken(r *http.Request) string {

api/server/internal/mutil/param/helper.go

@@ -4,14 +4,14 @@ import (
 	"net/http"
 
 	mutilimp "github.com/tech/sendico/server/internal/mutil/param/internal"
-	"go.mongodb.org/mongo-driver/bson/primitive"
+	"go.mongodb.org/mongo-driver/v2/bson"
 )
 
 type ParamHelper interface {
 	Name() string
 	RefName() string
 	GetID(r *http.Request) string
-	GetRef(r *http.Request) (primitive.ObjectID, error)
+	GetRef(r *http.Request) (bson.ObjectID, error)
 	AddRef(base string) string
 }
 

api/server/internal/mutil/param/internal/helper.go

@@ -6,7 +6,7 @@ import (
 	"strings"
 
 	"github.com/go-chi/chi/v5"
-	"go.mongodb.org/mongo-driver/bson/primitive"
+	"go.mongodb.org/mongo-driver/v2/bson"
 )
 
 func addParam(base string, param string) string {
@@ -38,8 +38,8 @@ func (ph *ParamHelper) GetID(r *http.Request) string {
 	return getParam(r, ph.RefName())
 }
 
-func (ph *ParamHelper) GetRef(r *http.Request) (primitive.ObjectID, error) {
-	return primitive.ObjectIDFromHex(ph.GetID(r))
+func (ph *ParamHelper) GetRef(r *http.Request) (bson.ObjectID, error) {
+	return bson.ObjectIDFromHex(ph.GetID(r))
 }
 
 func (ph *ParamHelper) AddRef(base string) string {

api/server/internal/mutil/param/ref.go

@@ -3,9 +3,9 @@ package mutil
 import (
 	"net/http"
 
-	"go.mongodb.org/mongo-driver/bson/primitive"
+	"go.mongodb.org/mongo-driver/v2/bson"
 )
 
-func GetAccountRef(r *http.Request) (primitive.ObjectID, error) {
-	return primitive.ObjectIDFromHex(GetAccountID(r))
+func GetAccountRef(r *http.Request) (bson.ObjectID, error) {
+	return bson.ObjectIDFromHex(GetAccountID(r))
 }

api/server/internal/server/aapitemplate/db.go

@@ -4,18 +4,18 @@ import (
 	"context"
 
 	"github.com/tech/sendico/pkg/db/repository/builder"
-	"go.mongodb.org/mongo-driver/bson/primitive"
+	"go.mongodb.org/mongo-driver/v2/bson"
 )
 
 type DB[T any] interface {
-	Create(ctx context.Context, accountRef primitive.ObjectID, object *T) error
-	Get(ctx context.Context, accountRef, objectRef primitive.ObjectID, result *T) error
-	Update(ctx context.Context, accountRef primitive.ObjectID, object *T) error
-	Patch(ctx context.Context, accountRef, objectRef primitive.ObjectID, patch builder.Patch) error
-	Delete(ctx context.Context, accountRef, objectRef primitive.ObjectID) error
-	List(ctx context.Context, accountRef, organizationRef primitive.ObjectID) ([]T, error)
+	Create(ctx context.Context, accountRef bson.ObjectID, object *T) error
+	Get(ctx context.Context, accountRef, objectRef bson.ObjectID, result *T) error
+	Update(ctx context.Context, accountRef bson.ObjectID, object *T) error
+	Patch(ctx context.Context, accountRef, objectRef bson.ObjectID, patch builder.Patch) error
+	Delete(ctx context.Context, accountRef, objectRef bson.ObjectID) error
+	List(ctx context.Context, accountRef, organizationRef bson.ObjectID) ([]T, error)
 }
 
 type ReorderDB interface {
-	Reorder(ctx context.Context, accountRef, objectRef primitive.ObjectID, newIndex int, filter builder.Query) error
+	Reorder(ctx context.Context, accountRef, objectRef bson.ObjectID, newIndex int, filter builder.Query) error
 }

api/server/internal/server/aapitemplate/delete.go

@@ -9,11 +9,11 @@ import (
 	"github.com/tech/sendico/pkg/mutil/mzap"
 	"github.com/tech/sendico/server/interface/api/sresponse"
 	mutil "github.com/tech/sendico/server/internal/mutil/param"
-	"go.mongodb.org/mongo-driver/bson/primitive"
+	"go.mongodb.org/mongo-driver/v2/bson"
 	"go.uber.org/zap"
 )
 
-func (a *AccountAPI[T]) deleteImp(ctx context.Context, account *model.Account, objectRef primitive.ObjectID) error {
+func (a *AccountAPI[T]) deleteImp(ctx context.Context, account *model.Account, objectRef bson.ObjectID) error {
 	if err := a.DB.Delete(ctx, *account.GetID(), objectRef); err != nil {
 		a.Logger.Warn("Error deleting object", zap.Error(err), mzap.StorableRef(account), mzap.ObjRef("object_ref", objectRef))
 		return err

api/server/internal/server/aapitemplate/nconfig.go

@@ -4,14 +4,14 @@ import (
 	"github.com/tech/sendico/pkg/messaging"
 	notifications "github.com/tech/sendico/pkg/messaging/envelope"
 	model "github.com/tech/sendico/pkg/model/notification"
-	"go.mongodb.org/mongo-driver/bson/primitive"
+	"go.mongodb.org/mongo-driver/v2/bson"
 )
 
 // NotificationHandler is a function that processes an object of type T and returns an error.
-type NotificationHandler[T any] func(template T, actorAccountRef primitive.ObjectID) error
+type NotificationHandler[T any] func(template T, actorAccountRef bson.ObjectID) error
 
 // sinkNotification is the default no-op strategy.
-func sinkNotification[T any](_ T, _ primitive.ObjectID) error {
+func sinkNotification[T any](_ T, _ bson.ObjectID) error {
 	return nil
 }
 
@@ -19,7 +19,7 @@ func sinkNotification[T any](_ T, _ primitive.ObjectID) error {
 type NotificationConfig[T any] struct {
 	producer messaging.Producer
 	// The factory now receives a NotificationAction so it knows which event is being processed.
-	factory                 func(template T, actorAccountRef primitive.ObjectID, t model.NotificationAction) notifications.Envelope
+	factory                 func(template T, actorAccountRef bson.ObjectID, t model.NotificationAction) notifications.Envelope
 	CreateNotification      NotificationHandler[T]
 	UpdateNotification      NotificationHandler[T]
 	NeedArchiveNotification bool
@@ -43,20 +43,20 @@ func NewNotificationConfig[T any](producer messaging.Producer) *NotificationConf
 }
 
 // WithNotifications sets the notification factory and switches all endpoints to the sending strategy.
-func (nc *NotificationConfig[T]) WithNotifications(factory func(template T, actorAccountRef primitive.ObjectID, typ model.NotificationAction) notifications.Envelope) *NotificationConfig[T] {
+func (nc *NotificationConfig[T]) WithNotifications(factory func(template T, actorAccountRef bson.ObjectID, typ model.NotificationAction) notifications.Envelope) *NotificationConfig[T] {
 	nc.factory = factory
 	// Build sending functions for each notification type.
-	nc.CreateNotification = func(template T, actorAccountRef primitive.ObjectID) error {
+	nc.CreateNotification = func(template T, actorAccountRef bson.ObjectID) error {
 		return nc.producer.SendMessage(factory(template, actorAccountRef, model.NACreated))
 	}
-	nc.UpdateNotification = func(template T, actorAccountRef primitive.ObjectID) error {
+	nc.UpdateNotification = func(template T, actorAccountRef bson.ObjectID) error {
 		return nc.producer.SendMessage(factory(template, actorAccountRef, model.NAUpdated))
 	}
-	nc.ArchiveNotification = func(template T, actorAccountRef primitive.ObjectID) error {
+	nc.ArchiveNotification = func(template T, actorAccountRef bson.ObjectID) error {
 		return nc.producer.SendMessage(factory(template, actorAccountRef, model.NAArchived))
 	}
 	nc.NeedArchiveNotification = true
-	nc.DeleteNotification = func(template T, actorAccountRef primitive.ObjectID) error {
+	nc.DeleteNotification = func(template T, actorAccountRef bson.ObjectID) error {
 		return nc.producer.SendMessage(factory(template, actorAccountRef, model.NADeleted))
 	}
 	nc.NeedDeleteNotification = true

api/server/internal/server/aapitemplate/service.go

@@ -11,7 +11,7 @@ import (
 	eapi "github.com/tech/sendico/server/interface/api"
 	"github.com/tech/sendico/server/interface/api/sresponse"
 	mutil "github.com/tech/sendico/server/internal/mutil/param"
-	"go.mongodb.org/mongo-driver/bson/primitive"
+	"go.mongodb.org/mongo-driver/v2/bson"
 	"go.uber.org/zap"
 )
 
@@ -67,7 +67,7 @@ func (a *AccountAPI[T]) Build() *AccountAPI[T] {
 	return a
 }
 
-func (a *AccountAPI[T]) WithNotifications(factory func(template *T, actorAccountRef primitive.ObjectID, t model.NotificationAction) notifications.Envelope) *AccountAPI[T] {
+func (a *AccountAPI[T]) WithNotifications(factory func(template *T, actorAccountRef bson.ObjectID, t model.NotificationAction) notifications.Envelope) *AccountAPI[T] {
 	a.nconfig.WithNotifications(factory)
 	a.Logger.Info("Notificatons handler installed")
 	return a

api/server/internal/server/accountapiimp/delete.go

@@ -10,7 +10,7 @@ import (
 	"github.com/tech/sendico/pkg/mservice"
 	"github.com/tech/sendico/pkg/mutil/mzap"
 	"github.com/tech/sendico/server/interface/api/sresponse"
-	"go.mongodb.org/mongo-driver/bson/primitive"
+	"go.mongodb.org/mongo-driver/v2/bson"
 	"go.uber.org/zap"
 )
 
@@ -97,7 +97,7 @@ func (a *AccountAPI) deleteAll(r *http.Request, account *model.Account, token *s
 	}
 
 	// Check if user has permission to delete the organization
-	canDelete, err := a.enf.Enforce(ctx, orgPolicy.ID, account.ID, orgRef, primitive.NilObjectID, model.ActionDelete)
+	canDelete, err := a.enf.Enforce(ctx, orgPolicy.ID, account.ID, orgRef, bson.NilObjectID, model.ActionDelete)
 	if err != nil {
 		a.logger.Error("Failed to check delete permission", zap.Error(err), mzap.StorableRef(account))
 		return response.Auto(a.logger, a.Name(), err)
@@ -118,6 +118,6 @@ func (a *AccountAPI) deleteAll(r *http.Request, account *model.Account, token *s
 }
 
 // Helper method to get current organization reference from request context
-func (a *AccountAPI) getCurrentOrganizationRef(r *http.Request) (primitive.ObjectID, error) {
+func (a *AccountAPI) getCurrentOrganizationRef(r *http.Request) (bson.ObjectID, error) {
 	return a.oph.GetRef(r)
 }

api/server/internal/server/accountapiimp/employees.go

@@ -7,7 +7,7 @@ import (
 	"github.com/tech/sendico/pkg/model"
 	"github.com/tech/sendico/pkg/mutil/mzap"
 	"github.com/tech/sendico/server/interface/api/sresponse"
-	"go.mongodb.org/mongo-driver/bson/primitive"
+	"go.mongodb.org/mongo-driver/v2/bson"
 	"go.uber.org/zap"
 )
 
@@ -18,7 +18,7 @@ func (a *AccountAPI) getEmployees(r *http.Request, account *model.Account, token
 		return response.BadReference(a.logger, a.Name(), a.oph.Name(), a.oph.GetID(r), err)
 	}
 	ctx := r.Context()
-	res, err := a.enf.Enforce(ctx, a.accountsPermissionRef, account.ID, orgRef, primitive.NilObjectID, model.ActionRead)
+	res, err := a.enf.Enforce(ctx, a.accountsPermissionRef, account.ID, orgRef, bson.NilObjectID, model.ActionRead)
 	if err != nil {
 		a.logger.Warn("Failed to check accounts access permissions", zap.Error(err), mzap.ObjRef("organization_ref", orgRef), mzap.StorableRef(account))
 		return response.Auto(a.logger, a.Name(), err)

api/server/internal/server/accountapiimp/password_test.go

@@ -3,9 +3,9 @@ package accountapiimp
 import (
 	"testing"
 
-	"github.com/tech/sendico/pkg/model"
 	"github.com/stretchr/testify/assert"
-	"go.mongodb.org/mongo-driver/bson/primitive"
+	"github.com/tech/sendico/pkg/model"
+	"go.mongodb.org/mongo-driver/v2/bson"
 )
 
 // TestPasswordResetTokenGeneration tests the token generation logic
@@ -105,8 +105,8 @@ func TestPasswordResetFlowLogic(t *testing.T) {
 		assert.NotEqual(t, originalToken, resetToken, "Reset token should be different from empty")
 
 		// Step 3: User clicks reset link with token
-		userID := primitive.NewObjectID()
-		assert.NotEqual(t, primitive.NilObjectID, userID, "User ID should be valid")
+		userID := bson.NewObjectID()
+		assert.NotEqual(t, bson.NilObjectID, userID, "User ID should be valid")
 
 		// Step 4: System validates token and updates password
 		storedToken := resetToken

api/server/internal/server/accountapiimp/service.go

@@ -25,7 +25,7 @@ import (
 	eapi "github.com/tech/sendico/server/interface/api"
 	"github.com/tech/sendico/server/interface/services/fileservice"
 	mutil "github.com/tech/sendico/server/internal/mutil/param"
-	"go.mongodb.org/mongo-driver/bson/primitive"
+	"go.mongodb.org/mongo-driver/v2/bson"
 	"go.uber.org/zap"
 )
 
@@ -44,7 +44,7 @@ type AccountAPI struct {
 	oph                   mutil.ParamHelper
 	aph                   mutil.ParamHelper
 	tph                   mutil.ParamHelper
-	accountsPermissionRef primitive.ObjectID
+	accountsPermissionRef bson.ObjectID
 	accService            accountservice.AccountService
 	chainGateway          chainWalletClient
 	chainAsset            *chainv1.Asset

api/server/internal/server/accountapiimp/signup.go

@@ -20,11 +20,11 @@ import (
 	chainv1 "github.com/tech/sendico/pkg/proto/gateway/chain/v1"
 	"github.com/tech/sendico/server/interface/api/srequest"
 	"github.com/tech/sendico/server/interface/api/sresponse"
-	"go.mongodb.org/mongo-driver/bson/primitive"
+	"go.mongodb.org/mongo-driver/v2/bson"
 	"go.uber.org/zap"
 )
 
-func (a *AccountAPI) createOrg(ctx context.Context, sr *srequest.Signup, permissionRef primitive.ObjectID) (*model.Organization, error) {
+func (a *AccountAPI) createOrg(ctx context.Context, sr *srequest.Signup, permissionRef bson.ObjectID) (*model.Organization, error) {
 	name := strings.TrimSpace(sr.Organization.Name)
 	if name == "" {
 		return nil, merrors.InvalidArgument("organization name must not be empty")
@@ -35,7 +35,7 @@ func (a *AccountAPI) createOrg(ctx context.Context, sr *srequest.Signup, permiss
 
 	// explicitly set org ref for permission related checks as unprotected template implementation
 	// is not aware of permisssions and won't set org
-	orgRef := primitive.NewObjectID()
+	orgRef := bson.NewObjectID()
 	org := &model.Organization{
 		OrganizationBase: model.OrganizationBase{
 			PermissionBound: model.PermissionBound{
@@ -54,7 +54,7 @@ func (a *AccountAPI) createOrg(ctx context.Context, sr *srequest.Signup, permiss
 			},
 			TimeZone: sr.OrganizationTimeZone,
 		},
-		Members: []primitive.ObjectID{},
+		Members: []bson.ObjectID{},
 	}
 	if err := a.odb.Unprotected().Create(ctx, org); err != nil {
 		a.logger.Warn("Failed to create organization", zap.Error(err))
@@ -174,7 +174,7 @@ func (a *AccountAPI) signupTransactionBody(ctx context.Context, sr *srequest.Sig
 	return nil, nil
 }
 
-func (a *AccountAPI) grantAllPermissions(ctx context.Context, organizationRef primitive.ObjectID, roleID primitive.ObjectID, newAccount *model.Account) error {
+func (a *AccountAPI) grantAllPermissions(ctx context.Context, organizationRef bson.ObjectID, roleID bson.ObjectID, newAccount *model.Account) error {
 	om := a.pmanager.Permission()
 	policies, err := a.plcdb.All(ctx, organizationRef)
 	if err != nil {

api/server/internal/server/accountapiimp/signup_integration_test.go

@@ -17,15 +17,10 @@ import (
 	"github.com/testcontainers/testcontainers-go"
 	"github.com/testcontainers/testcontainers-go/modules/mongodb"
 	"github.com/testcontainers/testcontainers-go/wait"
-	"go.mongodb.org/mongo-driver/mongo"
-	"go.mongodb.org/mongo-driver/mongo/options"
+	"go.mongodb.org/mongo-driver/v2/mongo"
+	"go.mongodb.org/mongo-driver/v2/mongo/options"
 )
 
-// Helper function to create string pointers
-func stringPtr(s string) *string {
-	return &s
-}
-
 // TestSignupRequestSerialization tests JSON marshaling/unmarshaling with real MongoDB
 func TestSignupRequestSerialization(t *testing.T) {
 	if os.Getenv("RUN_DOCKER_TESTS") == "" {
@@ -51,7 +46,7 @@ func TestSignupRequestSerialization(t *testing.T) {
 	require.NoError(t, err, "failed to get MongoDB connection string")
 
 	clientOptions := options.Client().ApplyURI(mongoURI)
-	client, err := mongo.Connect(ctx, clientOptions)
+	client, err := mongo.Connect(clientOptions)
 	require.NoError(t, err, "failed to connect to MongoDB")
 	defer func() {
 		err := client.Disconnect(ctx)

api/server/internal/server/accountapiimp/signup_test.go

@@ -11,7 +11,7 @@ import (
 	"github.com/tech/sendico/pkg/merrors"
 	"github.com/tech/sendico/pkg/model"
 	"github.com/tech/sendico/server/interface/api/srequest"
-	"go.mongodb.org/mongo-driver/bson/primitive"
+	"go.mongodb.org/mongo-driver/v2/bson"
 	"go.uber.org/zap"
 )
 
@@ -264,7 +264,7 @@ func (s *stubAccountDB) GetByToken(ctx context.Context, email string) (*model.Ac
 	return nil, merrors.NotImplemented("stub")
 }
 
-func (s *stubAccountDB) GetAccountsByRefs(ctx context.Context, orgRef primitive.ObjectID, refs []primitive.ObjectID) ([]model.Account, error) {
+func (s *stubAccountDB) GetAccountsByRefs(ctx context.Context, orgRef bson.ObjectID, refs []bson.ObjectID) ([]model.Account, error) {
 	return nil, merrors.NotImplemented("stub")
 }
 
@@ -276,7 +276,7 @@ func (s *stubAccountDB) InsertMany(ctx context.Context, objects []*model.Account
 	return merrors.NotImplemented("stub")
 }
 
-func (s *stubAccountDB) Get(ctx context.Context, objectRef primitive.ObjectID, result *model.Account) error {
+func (s *stubAccountDB) Get(ctx context.Context, objectRef bson.ObjectID, result *model.Account) error {
 	return merrors.NotImplemented("stub")
 }
 
@@ -284,11 +284,11 @@ func (s *stubAccountDB) Update(ctx context.Context, object *model.Account) error
 	return merrors.NotImplemented("stub")
 }
 
-func (s *stubAccountDB) Patch(ctx context.Context, objectRef primitive.ObjectID, patch builder.Patch) error {
+func (s *stubAccountDB) Patch(ctx context.Context, objectRef bson.ObjectID, patch builder.Patch) error {
 	return merrors.NotImplemented("stub")
 }
 
-func (s *stubAccountDB) Delete(ctx context.Context, objectRef primitive.ObjectID) error {
+func (s *stubAccountDB) Delete(ctx context.Context, objectRef bson.ObjectID) error {
 	return merrors.NotImplemented("stub")
 }
 
@@ -296,7 +296,7 @@ func (s *stubAccountDB) DeleteMany(ctx context.Context, query builder.Query) err
 	return merrors.NotImplemented("stub")
 }
 
-func (s *stubAccountDB) DeleteCascade(ctx context.Context, objectRef primitive.ObjectID) error {
+func (s *stubAccountDB) DeleteCascade(ctx context.Context, objectRef bson.ObjectID) error {
 	return merrors.NotImplemented("stub")
 }
 

api/server/internal/server/confirmationimp/store.go

@@ -11,7 +11,7 @@ import (
 	"github.com/tech/sendico/pkg/db/confirmation"
 	"github.com/tech/sendico/pkg/merrors"
 	"github.com/tech/sendico/pkg/model"
-	"go.mongodb.org/mongo-driver/bson/primitive"
+	"go.mongodb.org/mongo-driver/v2/bson"
 )
 
 var (
@@ -39,7 +39,7 @@ func NewStore(db confirmation.DB) *ConfirmationStore {
 
 func (s *ConfirmationStore) Create(
 	ctx context.Context,
-	accountRef primitive.ObjectID,
+	accountRef bson.ObjectID,
 	destination string,
 	target model.ConfirmationTarget,
 	cfg Config,
@@ -63,7 +63,7 @@ func (s *ConfirmationStore) Create(
 
 func (s *ConfirmationStore) Resend(
 	ctx context.Context,
-	accountRef primitive.ObjectID,
+	accountRef bson.ObjectID,
 	destination string,
 	target model.ConfirmationTarget,
 	cfg Config,
@@ -103,7 +103,7 @@ func (s *ConfirmationStore) Resend(
 
 func (s *ConfirmationStore) Verify(
 	ctx context.Context,
-	accountRef primitive.ObjectID,
+	accountRef bson.ObjectID,
 	destination string,
 	target model.ConfirmationTarget,
 	code string,
@@ -137,7 +137,7 @@ func (s *ConfirmationStore) Verify(
 }
 
 func (s *ConfirmationStore) buildRecord(
-	accountRef primitive.ObjectID,
+	accountRef bson.ObjectID,
 	destination string,
 	target model.ConfirmationTarget,
 	cfg Config,

api/server/internal/server/invitationimp/accept.go

@@ -11,11 +11,11 @@ import (
 	"github.com/tech/sendico/pkg/model"
 	"github.com/tech/sendico/pkg/mutil/mzap"
 	"github.com/tech/sendico/server/interface/api/srequest"
-	"go.mongodb.org/mongo-driver/bson/primitive"
+	"go.mongodb.org/mongo-driver/v2/bson"
 	"go.uber.org/zap"
 )
 
-func (a *InvitationAPI) doAccept(ctx context.Context, invitationRef primitive.ObjectID, accData *model.AccountData) error {
+func (a *InvitationAPI) doAccept(ctx context.Context, invitationRef bson.ObjectID, accData *model.AccountData) error {
 	inv, err := a.getPendingInvitation(ctx, invitationRef)
 	if err != nil {
 		return err
@@ -38,7 +38,7 @@ func (a *InvitationAPI) doAccept(ctx context.Context, invitationRef primitive.Ob
 	return nil
 }
 
-func (a *InvitationAPI) getPendingInvitation(ctx context.Context, invitationRef primitive.ObjectID) (*model.Invitation, error) {
+func (a *InvitationAPI) getPendingInvitation(ctx context.Context, invitationRef bson.ObjectID) (*model.Invitation, error) {
 	a.Logger.Debug("Fetching invitation", mzap.ObjRef("invitation_ref", invitationRef))
 	var inv model.Invitation
 	if err := a.db.Unprotected().Get(ctx, invitationRef, &inv); err != nil {
@@ -52,7 +52,7 @@ func (a *InvitationAPI) getPendingInvitation(ctx context.Context, invitationRef
 	return &inv, nil
 }
 
-func (a *InvitationAPI) getOrganization(ctx context.Context, orgRef primitive.ObjectID, email string) (*model.Organization, error) {
+func (a *InvitationAPI) getOrganization(ctx context.Context, orgRef bson.ObjectID, email string) (*model.Organization, error) {
 	a.Logger.Debug("Fetching organization", mzap.ObjRef("organization_ref", orgRef), zap.String("email", email))
 	var org model.Organization
 	if err := a.odb.Unprotected().Get(ctx, orgRef, &org); err != nil {

api/server/internal/server/invitationimp/notifications.go

@@ -6,12 +6,12 @@ import (
 	"github.com/tech/sendico/pkg/model"
 	nm "github.com/tech/sendico/pkg/model/notification"
 	"github.com/tech/sendico/pkg/mutil/mzap"
-	"go.mongodb.org/mongo-driver/bson/primitive"
+	"go.mongodb.org/mongo-driver/v2/bson"
 )
 
 func (a *InvitationAPI) notification(
 	invitation *model.Invitation,
-	actorAccountRef primitive.ObjectID,
+	actorAccountRef bson.ObjectID,
 	t nm.NotificationAction,
 ) messaging.Envelope {
 	a.Logger.Debug("Sending notification of new invitation created", mzap.StorableRef(invitation))

api/server/internal/server/ledgerapiimp/balance.go

@@ -11,7 +11,7 @@ import (
 	ledgerv1 "github.com/tech/sendico/pkg/proto/ledger/v1"
 	"github.com/tech/sendico/server/interface/api/sresponse"
 	mutil "github.com/tech/sendico/server/internal/mutil/param"
-	"go.mongodb.org/mongo-driver/bson/primitive"
+	"go.mongodb.org/mongo-driver/v2/bson"
 	"go.uber.org/zap"
 )
 
@@ -28,7 +28,7 @@ func (a *LedgerAPI) getBalance(r *http.Request, account *model.Account, token *s
 	}
 
 	ctx := r.Context()
-	res, err := a.enf.Enforce(ctx, a.balancePerm, account.ID, orgRef, primitive.NilObjectID, model.ActionRead)
+	res, err := a.enf.Enforce(ctx, a.balancePerm, account.ID, orgRef, bson.NilObjectID, model.ActionRead)
 	if err != nil {
 		a.logger.Warn("Failed to check ledger balance access permissions", zap.Error(err), mutil.PLog(a.oph, r), zap.String("ledger_account_ref", accountRef))
 		return response.Auto(a.logger, a.Name(), err)

api/server/internal/server/ledgerapiimp/create.go

@@ -15,7 +15,7 @@ import (
 	"github.com/tech/sendico/server/interface/api/srequest"
 	"github.com/tech/sendico/server/interface/api/sresponse"
 	mutil "github.com/tech/sendico/server/internal/mutil/param"
-	"go.mongodb.org/mongo-driver/bson/primitive"
+	"go.mongodb.org/mongo-driver/v2/bson"
 	"go.uber.org/zap"
 )
 
@@ -27,7 +27,7 @@ func (a *LedgerAPI) createAccount(r *http.Request, account *model.Account, token
 	}
 
 	ctx := r.Context()
-	allowed, err := a.enf.Enforce(ctx, a.permissionRef, account.ID, orgRef, primitive.NilObjectID, model.ActionCreate)
+	allowed, err := a.enf.Enforce(ctx, a.permissionRef, account.ID, orgRef, bson.NilObjectID, model.ActionCreate)
 	if err != nil {
 		a.logger.Warn("Failed to check ledger accounts access permissions", zap.Error(err), mutil.PLog(a.oph, r))
 		return response.Auto(a.logger, a.Name(), err)

api/server/internal/server/ledgerapiimp/list.go

@@ -11,7 +11,7 @@ import (
 	ledgerv1 "github.com/tech/sendico/pkg/proto/ledger/v1"
 	"github.com/tech/sendico/server/interface/api/sresponse"
 	mutil "github.com/tech/sendico/server/internal/mutil/param"
-	"go.mongodb.org/mongo-driver/bson/primitive"
+	"go.mongodb.org/mongo-driver/v2/bson"
 	"go.uber.org/zap"
 	"google.golang.org/protobuf/types/known/wrapperspb"
 )
@@ -24,7 +24,7 @@ func (a *LedgerAPI) listAccounts(r *http.Request, account *model.Account, token
 	}
 
 	ctx := r.Context()
-	hasReadPermission, err := a.enf.Enforce(ctx, a.permissionRef, account.ID, orgRef, primitive.NilObjectID, model.ActionRead)
+	hasReadPermission, err := a.enf.Enforce(ctx, a.permissionRef, account.ID, orgRef, bson.NilObjectID, model.ActionRead)
 	if err != nil {
 		a.logger.Warn("Failed to check ledger accounts access permissions", zap.Error(err), mutil.PLog(a.oph, r))
 		return response.Auto(a.logger, a.Name(), err)

api/server/internal/server/ledgerapiimp/service.go

@@ -16,7 +16,7 @@ import (
 	ledgerv1 "github.com/tech/sendico/pkg/proto/ledger/v1"
 	eapi "github.com/tech/sendico/server/interface/api"
 	mutil "github.com/tech/sendico/server/internal/mutil/param"
-	"go.mongodb.org/mongo-driver/bson/primitive"
+	"go.mongodb.org/mongo-driver/v2/bson"
 	"go.uber.org/zap"
 )
 
@@ -33,8 +33,8 @@ type LedgerAPI struct {
 	enf           auth.Enforcer
 	oph           mutil.ParamHelper
 	aph           mutil.ParamHelper
-	permissionRef primitive.ObjectID
-	balancePerm   primitive.ObjectID
+	permissionRef bson.ObjectID
+	balancePerm   bson.ObjectID
 }
 
 func (a *LedgerAPI) Name() mservice.Type { return mservice.LedgerAccounts }

api/server/internal/server/papitemplate/db.go

@@ -5,19 +5,19 @@ import (
 
 	"github.com/tech/sendico/pkg/db/repository/builder"
 	"github.com/tech/sendico/pkg/model"
-	"go.mongodb.org/mongo-driver/bson/primitive"
+	"go.mongodb.org/mongo-driver/v2/bson"
 )
 
 type ProtectedDB[T any] interface {
-	Create(ctx context.Context, accountRef, organizationRef primitive.ObjectID, object *T) error
-	Get(ctx context.Context, accountRef, objectRef primitive.ObjectID, result *T) error
-	Update(ctx context.Context, accountRef primitive.ObjectID, object *T) error
-	Delete(ctx context.Context, accountRef, objectRef primitive.ObjectID) error
-	DeleteCascadeAuth(ctx context.Context, accountRef, objectRef primitive.ObjectID) error
-	SetArchived(ctx context.Context, accountRef, organizationRef, objectRef primitive.ObjectID, isArchived, cascade bool) error
-	List(ctx context.Context, accountRef, organizationRef, parentRef primitive.ObjectID, cursor *model.ViewCursor) ([]T, error)
+	Create(ctx context.Context, accountRef, organizationRef bson.ObjectID, object *T) error
+	Get(ctx context.Context, accountRef, objectRef bson.ObjectID, result *T) error
+	Update(ctx context.Context, accountRef bson.ObjectID, object *T) error
+	Delete(ctx context.Context, accountRef, objectRef bson.ObjectID) error
+	DeleteCascadeAuth(ctx context.Context, accountRef, objectRef bson.ObjectID) error
+	SetArchived(ctx context.Context, accountRef, organizationRef, objectRef bson.ObjectID, isArchived, cascade bool) error
+	List(ctx context.Context, accountRef, organizationRef, parentRef bson.ObjectID, cursor *model.ViewCursor) ([]T, error)
 }
 
 type ReorderDB interface {
-	Reorder(ctx context.Context, accountRef, objectRef primitive.ObjectID, newIndex int, filter builder.Query) error
+	Reorder(ctx context.Context, accountRef, objectRef bson.ObjectID, newIndex int, filter builder.Query) error
 }

api/server/internal/server/papitemplate/delete.go

@@ -9,11 +9,11 @@ import (
 	"github.com/tech/sendico/pkg/mutil/mzap"
 	"github.com/tech/sendico/server/interface/api/sresponse"
 	mutil "github.com/tech/sendico/server/internal/mutil/param"
-	"go.mongodb.org/mongo-driver/bson/primitive"
+	"go.mongodb.org/mongo-driver/v2/bson"
 	"go.uber.org/zap"
 )
 
-func (a *ProtectedAPI[T]) deleteImp(ctx context.Context, account *model.Account, objectRef primitive.ObjectID, cascade *bool) error {
+func (a *ProtectedAPI[T]) deleteImp(ctx context.Context, account *model.Account, objectRef bson.ObjectID, cascade *bool) error {
 	var err error
 	if (cascade != nil) && (*cascade) {
 		_, err = a.a.DBFactory().TransactionFactory().CreateTransaction().Execute(ctx, func(ctx context.Context) (any, error) {

api/server/internal/server/papitemplate/nconfig.go

@@ -4,14 +4,14 @@ import (
 	"github.com/tech/sendico/pkg/messaging"
 	notifications "github.com/tech/sendico/pkg/messaging/envelope"
 	model "github.com/tech/sendico/pkg/model/notification"
-	"go.mongodb.org/mongo-driver/bson/primitive"
+	"go.mongodb.org/mongo-driver/v2/bson"
 )
 
 // NotificationHandler is a function that processes an object of type T and returns an error.
-type NotificationHandler[T any] func(template T, actorAccountRef primitive.ObjectID) error
+type NotificationHandler[T any] func(template T, actorAccountRef bson.ObjectID) error
 
 // sinkNotification is the default no-op strategy.
-func sinkNotification[T any](_ T, _ primitive.ObjectID) error {
+func sinkNotification[T any](_ T, _ bson.ObjectID) error {
 	return nil
 }
 
@@ -19,7 +19,7 @@ func sinkNotification[T any](_ T, _ primitive.ObjectID) error {
 type NotificationConfig[T any] struct {
 	producer messaging.Producer
 	// The factory now receives a NotificationAction so it knows which event is being processed.
-	factory                 func(template T, actorAccountRef primitive.ObjectID, t model.NotificationAction) notifications.Envelope
+	factory                 func(template T, actorAccountRef bson.ObjectID, t model.NotificationAction) notifications.Envelope
 	CreateNotification      NotificationHandler[T]
 	UpdateNotification      NotificationHandler[T]
 	NeedArchiveNotification bool
@@ -43,20 +43,20 @@ func NewNotificationConfig[T any](producer messaging.Producer) *NotificationConf
 }
 
 // WithNotifications sets the notification factory and switches all endpoints to the sending strategy.
-func (nc *NotificationConfig[T]) WithNotifications(factory func(template T, actorAccountRef primitive.ObjectID, typ model.NotificationAction) notifications.Envelope) *NotificationConfig[T] {
+func (nc *NotificationConfig[T]) WithNotifications(factory func(template T, actorAccountRef bson.ObjectID, typ model.NotificationAction) notifications.Envelope) *NotificationConfig[T] {
 	nc.factory = factory
 	// Build sending functions for each notification type.
-	nc.CreateNotification = func(template T, actorAccountRef primitive.ObjectID) error {
+	nc.CreateNotification = func(template T, actorAccountRef bson.ObjectID) error {
 		return nc.producer.SendMessage(factory(template, actorAccountRef, model.NACreated))
 	}
-	nc.UpdateNotification = func(template T, actorAccountRef primitive.ObjectID) error {
+	nc.UpdateNotification = func(template T, actorAccountRef bson.ObjectID) error {
 		return nc.producer.SendMessage(factory(template, actorAccountRef, model.NAUpdated))
 	}
-	nc.ArchiveNotification = func(template T, actorAccountRef primitive.ObjectID) error {
+	nc.ArchiveNotification = func(template T, actorAccountRef bson.ObjectID) error {
 		return nc.producer.SendMessage(factory(template, actorAccountRef, model.NAArchived))
 	}
 	nc.NeedArchiveNotification = true
-	nc.DeleteNotification = func(template T, actorAccountRef primitive.ObjectID) error {
+	nc.DeleteNotification = func(template T, actorAccountRef bson.ObjectID) error {
 		return nc.producer.SendMessage(factory(template, actorAccountRef, model.NADeleted))
 	}
 	nc.NeedDeleteNotification = true

api/server/internal/server/papitemplate/service.go

@@ -11,7 +11,7 @@ import (
 	eapi "github.com/tech/sendico/server/interface/api"
 	"github.com/tech/sendico/server/interface/api/sresponse"
 	mutil "github.com/tech/sendico/server/internal/mutil/param"
-	"go.mongodb.org/mongo-driver/bson/primitive"
+	"go.mongodb.org/mongo-driver/v2/bson"
 	"go.uber.org/zap"
 )
 
@@ -82,7 +82,7 @@ func (a *ProtectedAPI[T]) Build() *ProtectedAPI[T] {
 	return a
 }
 
-func (a *ProtectedAPI[T]) WithNotifications(factory func(template *T, actorAccountRef primitive.ObjectID, t model.NotificationAction) notifications.Envelope) *ProtectedAPI[T] {
+func (a *ProtectedAPI[T]) WithNotifications(factory func(template *T, actorAccountRef bson.ObjectID, t model.NotificationAction) notifications.Envelope) *ProtectedAPI[T] {
 	a.nconfig.WithNotifications(factory)
 	a.Logger.Info("Notificatons handler installed")
 	return a

api/server/internal/server/papitemplate/tconfig.go

@@ -6,7 +6,7 @@ import (
 	"net/http"
 
 	"github.com/tech/sendico/server/interface/api/srequest"
-	"go.mongodb.org/mongo-driver/bson/primitive"
+	"go.mongodb.org/mongo-driver/v2/bson"
 )
 
 type (
@@ -17,12 +17,12 @@ type (
 
 // TaggableDB interface defines the required methods for tag operations
 type TaggableDB interface {
-	AddTag(ctx context.Context, accountRef, objectRef, tagRef primitive.ObjectID) error
-	AddTags(ctx context.Context, accountRef, objectRef primitive.ObjectID, tagRefs []primitive.ObjectID) error
-	RemoveTag(ctx context.Context, accountRef, objectRef, tagRef primitive.ObjectID) error
-	RemoveAllTags(ctx context.Context, accountRef, objectRef primitive.ObjectID) error
-	SetTags(ctx context.Context, accountRef, objectRef primitive.ObjectID, tagRefs []primitive.ObjectID) error
-	GetTags(ctx context.Context, accountRef, objectRef primitive.ObjectID) ([]primitive.ObjectID, error)
+	AddTag(ctx context.Context, accountRef, objectRef, tagRef bson.ObjectID) error
+	AddTags(ctx context.Context, accountRef, objectRef bson.ObjectID, tagRefs []bson.ObjectID) error
+	RemoveTag(ctx context.Context, accountRef, objectRef, tagRef bson.ObjectID) error
+	RemoveAllTags(ctx context.Context, accountRef, objectRef bson.ObjectID) error
+	SetTags(ctx context.Context, accountRef, objectRef bson.ObjectID, tagRefs []bson.ObjectID) error
+	GetTags(ctx context.Context, accountRef, objectRef bson.ObjectID) ([]bson.ObjectID, error)
 }
 
 type TaggableConfig struct {

api/server/internal/server/paymentapiimp/discovery.go

@@ -8,12 +8,12 @@ import (
 
 	"github.com/tech/sendico/pkg/api/http/response"
 	"github.com/tech/sendico/pkg/discovery"
-	me "github.com/tech/sendico/pkg/messaging/envelope"
 	"github.com/tech/sendico/pkg/merrors"
+	me "github.com/tech/sendico/pkg/messaging/envelope"
 	"github.com/tech/sendico/pkg/model"
 	"github.com/tech/sendico/server/interface/api/sresponse"
 	mutil "github.com/tech/sendico/server/internal/mutil/param"
-	"go.mongodb.org/mongo-driver/bson/primitive"
+	"go.mongodb.org/mongo-driver/v2/bson"
 	"go.uber.org/zap"
 )
 
@@ -31,7 +31,7 @@ func (a *PaymentAPI) listDiscoveryRegistry(r *http.Request, account *model.Accou
 	}
 
 	ctx := r.Context()
-	allowed, err := a.enf.Enforce(ctx, a.permissionRef, account.ID, orgRef, primitive.NilObjectID, model.ActionRead)
+	allowed, err := a.enf.Enforce(ctx, a.permissionRef, account.ID, orgRef, bson.NilObjectID, model.ActionRead)
 	if err != nil {
 		a.logger.Warn("Failed to check payments access permissions", zap.Error(err), mutil.PLog(a.oph, r))
 		return response.Auto(a.logger, a.Name(), err)
@@ -65,7 +65,7 @@ func (a *PaymentAPI) getDiscoveryRefresh(r *http.Request, account *model.Account
 	}
 
 	ctx := r.Context()
-	allowed, err := a.enf.Enforce(ctx, a.permissionRef, account.ID, orgRef, primitive.NilObjectID, model.ActionRead)
+	allowed, err := a.enf.Enforce(ctx, a.permissionRef, account.ID, orgRef, bson.NilObjectID, model.ActionRead)
 	if err != nil {
 		a.logger.Warn("Failed to check payments access permissions", zap.Error(err), mutil.PLog(a.oph, r))
 		return response.Auto(a.logger, a.Name(), err)

api/server/internal/server/paymentapiimp/list.go

@@ -13,7 +13,7 @@ import (
 	orchestratorv1 "github.com/tech/sendico/pkg/proto/payments/orchestrator/v1"
 	"github.com/tech/sendico/server/interface/api/sresponse"
 	mutil "github.com/tech/sendico/server/internal/mutil/param"
-	"go.mongodb.org/mongo-driver/bson/primitive"
+	"go.mongodb.org/mongo-driver/v2/bson"
 	"go.uber.org/zap"
 )
 
@@ -27,7 +27,7 @@ func (a *PaymentAPI) listPayments(r *http.Request, account *model.Account, token
 	}
 
 	ctx := r.Context()
-	allowed, err := a.enf.Enforce(ctx, a.permissionRef, account.ID, orgRef, primitive.NilObjectID, model.ActionRead)
+	allowed, err := a.enf.Enforce(ctx, a.permissionRef, account.ID, orgRef, bson.NilObjectID, model.ActionRead)
 	if err != nil {
 		a.logger.Warn("Failed to check payments access permissions", zap.Error(err), mutil.PLog(a.oph, r))
 		return response.Auto(a.logger, a.Name(), err)

api/server/internal/server/paymentapiimp/pay.go

@@ -13,7 +13,7 @@ import (
 	"github.com/tech/sendico/server/interface/api/srequest"
 	"github.com/tech/sendico/server/interface/api/sresponse"
 	mutil "github.com/tech/sendico/server/internal/mutil/param"
-	"go.mongodb.org/mongo-driver/bson/primitive"
+	"go.mongodb.org/mongo-driver/v2/bson"
 	"go.uber.org/zap"
 )
 
@@ -26,7 +26,7 @@ func (a *PaymentAPI) initiatePayment(r *http.Request, account *model.Account, to
 	}
 
 	ctx := r.Context()
-	allowed, err := a.enf.Enforce(ctx, a.permissionRef, account.ID, orgRef, primitive.NilObjectID, model.ActionCreate)
+	allowed, err := a.enf.Enforce(ctx, a.permissionRef, account.ID, orgRef, bson.NilObjectID, model.ActionCreate)
 	if err != nil {
 		a.logger.Warn("Failed to check payments access permissions", zap.Error(err), mutil.PLog(a.oph, r))
 		return response.Auto(a.logger, a.Name(), err)

api/server/internal/server/paymentapiimp/paybatch.go

@@ -12,7 +12,7 @@ import (
 	"github.com/tech/sendico/server/interface/api/srequest"
 	"github.com/tech/sendico/server/interface/api/sresponse"
 	mutil "github.com/tech/sendico/server/internal/mutil/param"
-	"go.mongodb.org/mongo-driver/bson/primitive"
+	"go.mongodb.org/mongo-driver/v2/bson"
 	"go.uber.org/zap"
 )
 
@@ -24,7 +24,7 @@ func (a *PaymentAPI) initiatePaymentsByQuote(r *http.Request, account *model.Acc
 	}
 
 	ctx := r.Context()
-	allowed, err := a.enf.Enforce(ctx, a.permissionRef, account.ID, orgRef, primitive.NilObjectID, model.ActionCreate)
+	allowed, err := a.enf.Enforce(ctx, a.permissionRef, account.ID, orgRef, bson.NilObjectID, model.ActionCreate)
 	if err != nil {
 		a.logger.Warn("Failed to check payments access permissions", zap.Error(err), mutil.PLog(a.oph, r))
 		return response.Auto(a.logger, a.Name(), err)

api/server/internal/server/paymentapiimp/quote.go

@@ -12,7 +12,7 @@ import (
 	"github.com/tech/sendico/server/interface/api/srequest"
 	"github.com/tech/sendico/server/interface/api/sresponse"
 	mutil "github.com/tech/sendico/server/internal/mutil/param"
-	"go.mongodb.org/mongo-driver/bson/primitive"
+	"go.mongodb.org/mongo-driver/v2/bson"
 	"go.uber.org/zap"
 )
 
@@ -24,7 +24,7 @@ func (a *PaymentAPI) quotePayment(r *http.Request, account *model.Account, token
 	}
 
 	ctx := r.Context()
-	allowed, err := a.enf.Enforce(ctx, a.permissionRef, account.ID, orgRef, primitive.NilObjectID, model.ActionCreate)
+	allowed, err := a.enf.Enforce(ctx, a.permissionRef, account.ID, orgRef, bson.NilObjectID, model.ActionCreate)
 	if err != nil {
 		a.logger.Warn("Failed to check payments access permissions", zap.Error(err), mutil.PLog(a.oph, r))
 		return response.Auto(a.logger, a.Name(), err)
@@ -76,7 +76,7 @@ func (a *PaymentAPI) quotePayments(r *http.Request, account *model.Account, toke
 	}
 
 	ctx := r.Context()
-	allowed, err := a.enf.Enforce(ctx, a.permissionRef, account.ID, orgRef, primitive.NilObjectID, model.ActionCreate)
+	allowed, err := a.enf.Enforce(ctx, a.permissionRef, account.ID, orgRef, bson.NilObjectID, model.ActionCreate)
 	if err != nil {
 		a.logger.Warn("Failed to check payments access permissions", zap.Error(err), mutil.PLog(a.oph, r))
 		return response.Auto(a.logger, a.Name(), err)

api/server/internal/server/paymentapiimp/service.go

@@ -20,7 +20,7 @@ import (
 	orchestratorv1 "github.com/tech/sendico/pkg/proto/payments/orchestrator/v1"
 	eapi "github.com/tech/sendico/server/interface/api"
 	mutil "github.com/tech/sendico/server/internal/mutil/param"
-	"go.mongodb.org/mongo-driver/bson/primitive"
+	"go.mongodb.org/mongo-driver/v2/bson"
 	"go.uber.org/zap"
 )
 
@@ -43,7 +43,7 @@ type PaymentAPI struct {
 	refreshMu       sync.RWMutex
 	refreshEvent    *discovery.RefreshEvent
 
-	permissionRef primitive.ObjectID
+	permissionRef bson.ObjectID
 }
 
 func (a *PaymentAPI) Name() mservice.Type { return mservice.Payments }

api/server/internal/server/permissionsimp/changepolicies.go

@@ -12,7 +12,7 @@ import (
 	"github.com/tech/sendico/pkg/mservice"
 	"github.com/tech/sendico/server/interface/api/srequest"
 	"github.com/tech/sendico/server/interface/api/sresponse"
-	"go.mongodb.org/mongo-driver/bson/primitive"
+	"go.mongodb.org/mongo-driver/v2/bson"
 	"go.uber.org/zap"
 )
 
@@ -53,14 +53,14 @@ func (a *PermissionsAPI) changePoliciesImp(
 	handle := func(items *[]model.RolePolicy, action model.Action, opName string, apply func(context.Context, *model.RolePolicy) error) error {
 		for _, it := range *items {
 			// 1) permission check
-			ok, err := a.enforcer.Enforce(ctx, a.policiesPermissionRef, account.ID, it.OrganizationRef, primitive.NilObjectID, action)
+			ok, err := a.enforcer.Enforce(ctx, a.policiesPermissionRef, account.ID, it.OrganizationRef, bson.NilObjectID, action)
 			if err != nil {
 				a.logger.Warn(fmt.Sprintf("failed to enforce permission while %s policy", opName), zap.Error(err), zap.Any(opName, &it))
 				return err
 			}
 			if !ok {
 				a.logger.Debug(fmt.Sprintf("policy %s denied", opName))
-				return merrors.AccessDenied(mservice.Policies, string(action), primitive.NilObjectID)
+				return merrors.AccessDenied(mservice.Policies, string(action), bson.NilObjectID)
 			}
 
 			// 2) perform the add/remove

api/server/internal/server/permissionsimp/changerole.go

@@ -12,7 +12,7 @@ import (
 	"github.com/tech/sendico/server/interface/api/srequest"
 	"github.com/tech/sendico/server/interface/api/sresponse"
 	mutil "github.com/tech/sendico/server/internal/mutil/param"
-	"go.mongodb.org/mongo-driver/bson/primitive"
+	"go.mongodb.org/mongo-driver/v2/bson"
 	"go.uber.org/zap"
 )
 
@@ -52,7 +52,7 @@ func (a *PermissionsAPI) changeRole(r *http.Request, account *model.Account, _ *
 	return a.changeRoleImp(ctx, &req, orgRef, account)
 }
 
-func (a *PermissionsAPI) changeRoleImp(ctx context.Context, req *srequest.ChangeRole, organizationRef primitive.ObjectID, account *model.Account) http.HandlerFunc {
+func (a *PermissionsAPI) changeRoleImp(ctx context.Context, req *srequest.ChangeRole, organizationRef bson.ObjectID, account *model.Account) http.HandlerFunc {
 	roles, err := a.enforcer.GetRoles(ctx, req.AccountRef, organizationRef)
 	// TODO: add check that role revocation won't leave venue without the owner
 	if err != nil {

api/server/internal/server/permissionsimp/get_all.go

@@ -9,14 +9,14 @@ import (
 	"github.com/tech/sendico/pkg/mutil/mzap"
 	"github.com/tech/sendico/server/interface/api/sresponse"
 	mutil "github.com/tech/sendico/server/internal/mutil/param"
-	"go.mongodb.org/mongo-driver/bson/primitive"
+	"go.mongodb.org/mongo-driver/v2/bson"
 	"go.uber.org/zap"
 )
 
 func (a *PermissionsAPI) getRolePolicies(ctx context.Context, roles []model.RoleDescription) ([]model.RolePolicy, error) {
 	policies := make([]model.RolePolicy, 0)
 
-	uniqueRefs := make(map[primitive.ObjectID]struct{})
+	uniqueRefs := make(map[bson.ObjectID]struct{})
 	for _, role := range roles {
 		uniqueRefs[*role.GetID()] = struct{}{}
 	}
@@ -40,7 +40,7 @@ func (a *PermissionsAPI) getAll(r *http.Request, account *model.Account, accessT
 	}
 
 	ctx := r.Context()
-	res, err := a.enforcer.Enforce(ctx, a.rolesPermissionRef, account.ID, orgRef, primitive.NilObjectID, model.ActionRead)
+	res, err := a.enforcer.Enforce(ctx, a.rolesPermissionRef, account.ID, orgRef, bson.NilObjectID, model.ActionRead)
 	if err != nil {
 		a.logger.Debug("Error occurred", zap.Error(err))
 		response.Auto(a.logger, a.Name(), err)

api/server/internal/server/permissionsimp/permissions.go

@@ -8,11 +8,11 @@ import (
 	"github.com/tech/sendico/pkg/model"
 	"github.com/tech/sendico/pkg/mutil/mzap"
 	"github.com/tech/sendico/server/interface/api/sresponse"
-	"go.mongodb.org/mongo-driver/bson/primitive"
+	"go.mongodb.org/mongo-driver/v2/bson"
 	"go.uber.org/zap"
 )
 
-func (a *PermissionsAPI) permissions(ctx context.Context, organizationRef primitive.ObjectID, roles []model.Role, permissions []model.Permission, accessToken *sresponse.TokenData) http.HandlerFunc {
+func (a *PermissionsAPI) permissions(ctx context.Context, organizationRef bson.ObjectID, roles []model.Role, permissions []model.Permission, accessToken *sresponse.TokenData) http.HandlerFunc {
 	roleDescs, err := a.rdb.List(ctx, organizationRef, nil)
 	if err != nil {
 		a.logger.Warn("Failed to fetch organization roles", zap.Error(err), mzap.ObjRef("organization_ref", organizationRef))

api/server/internal/server/permissionsimp/service.go

@@ -14,7 +14,7 @@ import (
 	"github.com/tech/sendico/pkg/mservice"
 	eapi "github.com/tech/sendico/server/interface/api"
 	mutil "github.com/tech/sendico/server/internal/mutil/param"
-	"go.mongodb.org/mongo-driver/bson/primitive"
+	"go.mongodb.org/mongo-driver/v2/bson"
 	"go.uber.org/zap"
 )
 
@@ -25,8 +25,8 @@ type PermissionsAPI struct {
 	rdb                   role.DB
 	enforcer              auth.Enforcer
 	manager               auth.Manager
-	rolesPermissionRef    primitive.ObjectID
-	policiesPermissionRef primitive.ObjectID
+	rolesPermissionRef    bson.ObjectID
+	policiesPermissionRef bson.ObjectID
 	Rph                   mutil.ParamHelper
 	tf                    transaction.Factory
 	auth                  auth.Manager

api/server/internal/server/walletapiimp/balance.go

@@ -15,7 +15,7 @@ import (
 	connectorv1 "github.com/tech/sendico/pkg/proto/connector/v1"
 	"github.com/tech/sendico/server/interface/api/sresponse"
 	mutil "github.com/tech/sendico/server/internal/mutil/param"
-	"go.mongodb.org/mongo-driver/bson/primitive"
+	"go.mongodb.org/mongo-driver/v2/bson"
 	"go.uber.org/zap"
 	"google.golang.org/grpc"
 	"google.golang.org/grpc/credentials"
@@ -34,7 +34,7 @@ func (a *WalletAPI) getWalletBalance(r *http.Request, account *model.Account, to
 	}
 
 	ctx := r.Context()
-	res, err := a.enf.Enforce(ctx, a.balancesPermissionRef, account.ID, orgRef, primitive.NilObjectID, model.ActionRead)
+	res, err := a.enf.Enforce(ctx, a.balancesPermissionRef, account.ID, orgRef, bson.NilObjectID, model.ActionRead)
 	if err != nil {
 		a.logger.Warn("Failed to check wallet balance permissions", zap.Error(err), mutil.PLog(a.oph, r), zap.String("wallet_ref", walletRef))
 		return response.Auto(a.logger, a.Name(), err)

api/server/internal/server/walletapiimp/create.go

@@ -18,7 +18,7 @@ import (
 	"github.com/tech/sendico/server/interface/api/srequest"
 	"github.com/tech/sendico/server/interface/api/sresponse"
 	mutil "github.com/tech/sendico/server/internal/mutil/param"
-	"go.mongodb.org/mongo-driver/bson/primitive"
+	"go.mongodb.org/mongo-driver/v2/bson"
 	"go.uber.org/zap"
 	"google.golang.org/grpc"
 	"google.golang.org/grpc/credentials"
@@ -40,7 +40,7 @@ func (a *WalletAPI) create(r *http.Request, account *model.Account, token *sresp
 	}
 
 	ctx := r.Context()
-	res, err := a.enf.Enforce(ctx, a.walletsPermissionRef, account.ID, orgRef, primitive.NilObjectID, model.ActionCreate)
+	res, err := a.enf.Enforce(ctx, a.walletsPermissionRef, account.ID, orgRef, bson.NilObjectID, model.ActionCreate)
 	if err != nil {
 		a.logger.Warn("Failed to check chain wallet access permissions", zap.Error(err), mutil.PLog(a.oph, r), mzap.StorableRef(account))
 		return response.Auto(a.logger, a.Name(), err)

api/server/internal/server/walletapiimp/list.go

@@ -16,7 +16,7 @@ import (
 	connectorv1 "github.com/tech/sendico/pkg/proto/connector/v1"
 	"github.com/tech/sendico/server/interface/api/sresponse"
 	mutil "github.com/tech/sendico/server/internal/mutil/param"
-	"go.mongodb.org/mongo-driver/bson/primitive"
+	"go.mongodb.org/mongo-driver/v2/bson"
 	"go.uber.org/zap"
 	"google.golang.org/grpc"
 	"google.golang.org/grpc/credentials"
@@ -32,7 +32,7 @@ func (a *WalletAPI) listWallets(r *http.Request, account *model.Account, token *
 	}
 
 	ctx := r.Context()
-	hasReadPermission, err := a.enf.Enforce(ctx, a.walletsPermissionRef, account.ID, orgRef, primitive.NilObjectID, model.ActionRead)
+	hasReadPermission, err := a.enf.Enforce(ctx, a.walletsPermissionRef, account.ID, orgRef, bson.NilObjectID, model.ActionRead)
 	if err != nil {
 		a.logger.Warn("Failed to check chain wallet access permissions", zap.Error(err), mutil.PLog(a.oph, r))
 		return response.Auto(a.logger, a.Name(), err)

api/server/internal/server/walletapiimp/service.go

@@ -14,7 +14,7 @@ import (
 	"github.com/tech/sendico/pkg/mservice"
 	eapi "github.com/tech/sendico/server/interface/api"
 	mutil "github.com/tech/sendico/server/internal/mutil/param"
-	"go.mongodb.org/mongo-driver/bson/primitive"
+	"go.mongodb.org/mongo-driver/v2/bson"
 	"go.uber.org/zap"
 )
 
@@ -31,8 +31,8 @@ type WalletAPI struct {
 	enf                   auth.Enforcer
 	oph                   mutil.ParamHelper
 	wph                   mutil.ParamHelper
-	walletsPermissionRef  primitive.ObjectID
-	balancesPermissionRef primitive.ObjectID
+	walletsPermissionRef  bson.ObjectID
+	balancesPermissionRef bson.ObjectID
 	assets                chainassets.DB
 
 	// Gateway connection settings

api/server/tmp/build-errors.log

@@ -1 +1 @@
-exit status 1exit status 1exit status 1exit status 1exit status 1exit status 1exit status 1exit status 1exit status 1exit status 1exit status 1exit status 1exit status 1exit status 1exit status 1exit status 1
+exit status 1exit status 1exit status 1exit status 1exit status 1exit status 1exit status 1exit status 1exit status 1exit status 1exit status 1exit status 1exit status 1exit status 1exit status 1exit status 1exit status 1exit status 1exit status 1exit status 1