npm - opal-security - Versions diffs - 3.1.0 → 3.1.1-beta.778ef29 - Mend

opal-security 3.1.0 → 3.1.1-beta.778ef29

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

package/README.md +18 -34
package/lib/commands/request/list.d.ts +0 -1
package/lib/commands/request/list.js +1 -1
package/lib/graphql/gql.d.ts +7 -2
package/lib/graphql/gql.js +2 -1
package/lib/graphql/graphql.d.ts +19 -0
package/lib/graphql/graphql.js +152 -1
package/lib/lib/requests.d.ts +1 -1
package/lib/lib/requests.js +116 -42
package/lib/utils/displays.js +4 -4
package/oclif.manifest.json +2 -4
package/package.json +1 -1

package/README.md CHANGED Viewed

@@ -22,7 +22,7 @@ $ npm install -g opal-security
 $ opal COMMAND
 running command...
 $ opal (--version)
-opal-security/3.1.0 linux-x64 node-v20.19.0
+opal-security/3.1.1-beta.778ef29 linux-x64 node-v20.19.1
 $ opal --help [COMMAND]
 USAGE
   $ opal COMMAND
@@ -44,7 +44,6 @@ USAGE
 * [`opal login`](#opal-login)
 * [`opal logout`](#opal-logout)
 * [`opal postgres-instances start`](#opal-postgres-instances-start)
-* [`opal request ls`](#opal-request-ls)
 * [`opal resources get`](#opal-resources-get)
 * [`opal set-auth-provider`](#opal-set-auth-provider)
 * [`opal set-custom-header`](#opal-set-custom-header)
@@ -102,7 +101,7 @@ EXAMPLES
   $ opal aws:identity
 ```
-_See code: [src/commands/aws/identity.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.0/src/commands/aws/identity.ts)_
+_See code: [src/commands/aws/identity.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.778ef29/src/commands/aws/identity.ts)_
 ## `opal clear-auth-provider`
@@ -122,7 +121,7 @@ EXAMPLES
   $ opal clear-auth-provider
 ```
-_See code: [src/commands/clear-auth-provider.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.0/src/commands/clear-auth-provider.ts)_
+_See code: [src/commands/clear-auth-provider.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.778ef29/src/commands/clear-auth-provider.ts)_
 ## `opal curl-example`
@@ -139,7 +138,7 @@ DESCRIPTION
   Prints out an example cURL command containing the parameters the CLI uses to query the Opal server.
 ```
-_See code: [src/commands/curl-example.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.0/src/commands/curl-example.ts)_
+_See code: [src/commands/curl-example.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.778ef29/src/commands/curl-example.ts)_
 ## `opal groups get`
@@ -160,7 +159,7 @@ EXAMPLES
   $ opal groups:get --id 54052a3e-5375-4392-aeaf-0c6c44c131d4
 ```
-_See code: [src/commands/groups/get.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.0/src/commands/groups/get.ts)_
+_See code: [src/commands/groups/get.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.778ef29/src/commands/groups/get.ts)_
 ## `opal help [COMMANDS]`
@@ -210,7 +209,7 @@ EXAMPLES
   $ opal iam-roles:start --id 51f7176b-0464-4a6f-8369-e951e187b398 --profileName "custom-profile"
 ```
-_See code: [src/commands/iam-roles/start.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.0/src/commands/iam-roles/start.ts)_
+_See code: [src/commands/iam-roles/start.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.778ef29/src/commands/iam-roles/start.ts)_
 ## `opal kube-roles start`
@@ -241,7 +240,7 @@ EXAMPLES
   $ opal kube-roles:start --id 51f7176b-0464-4a6f-8369-e951e187b398 --accessLevelRemoteId "arn:aws:iam::712234975475:role/acme-eks-cluster-admin-role"
 ```
-_See code: [src/commands/kube-roles/start.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.0/src/commands/kube-roles/start.ts)_
+_See code: [src/commands/kube-roles/start.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.778ef29/src/commands/kube-roles/start.ts)_
 ## `opal login`
@@ -262,7 +261,7 @@ EXAMPLES
   $ opal login
 ```
-_See code: [src/commands/login.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.0/src/commands/login.ts)_
+_See code: [src/commands/login.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.778ef29/src/commands/login.ts)_
 ## `opal logout`
@@ -282,7 +281,7 @@ EXAMPLES
   $ opal logout
 ```
-_See code: [src/commands/logout.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.0/src/commands/logout.ts)_
+_See code: [src/commands/logout.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.778ef29/src/commands/logout.ts)_
 ## `opal postgres-instances start`
@@ -319,22 +318,7 @@ EXAMPLES
   $ opal postgres-instances:start --id 51f7176b-0464-4a6f-8369-e951e187b398 --accessLevelRemoteId fullaccess --action view
 ```
-_See code: [src/commands/postgres-instances/start.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.0/src/commands/postgres-instances/start.ts)_
-## `opal request ls`
-Lists access requests
-```
-USAGE
-  $ opal request ls
-DESCRIPTION
-  Lists access requests
-ALIASES
-  $ opal request ls
-```
+_See code: [src/commands/postgres-instances/start.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.778ef29/src/commands/postgres-instances/start.ts)_
 ## `opal resources get`
@@ -355,7 +339,7 @@ EXAMPLES
   $ opal resources:get --id 54052a3e-5375-4392-aeaf-0c6c44c131d4
 ```
-_See code: [src/commands/resources/get.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.0/src/commands/resources/get.ts)_
+_See code: [src/commands/resources/get.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.778ef29/src/commands/resources/get.ts)_
 ## `opal set-auth-provider`
@@ -381,7 +365,7 @@ EXAMPLES
   $ opal set-auth-provider --clientID 1234asdf --issuerUrl https://auth.example.com
 ```
-_See code: [src/commands/set-auth-provider.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.0/src/commands/set-auth-provider.ts)_
+_See code: [src/commands/set-auth-provider.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.778ef29/src/commands/set-auth-provider.ts)_
 ## `opal set-custom-header`
@@ -402,7 +386,7 @@ EXAMPLES
   $ opal set-custom-header --header 'cf-access-token: $TOKEN'
 ```
-_See code: [src/commands/set-custom-header.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.0/src/commands/set-custom-header.ts)_
+_See code: [src/commands/set-custom-header.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.778ef29/src/commands/set-custom-header.ts)_
 ## `opal set-token`
@@ -422,7 +406,7 @@ EXAMPLES
   $ opal set-token
 ```
-_See code: [src/commands/set-token.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.0/src/commands/set-token.ts)_
+_See code: [src/commands/set-token.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.778ef29/src/commands/set-token.ts)_
 ## `opal set-url [URL]`
@@ -446,7 +430,7 @@ EXAMPLES
   $ opal set-url
 ```
-_See code: [src/commands/set-url.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.0/src/commands/set-url.ts)_
+_See code: [src/commands/set-url.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.778ef29/src/commands/set-url.ts)_
 ## `opal ssh copyFrom`
@@ -477,7 +461,7 @@ EXAMPLES
   $ opal ssh:copyFrom --src instance/dir --dest my/dir --id 51f7176b-0464-4a6f-8369-e951e187b398
 ```
-_See code: [src/commands/ssh/copyFrom.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.0/src/commands/ssh/copyFrom.ts)_
+_See code: [src/commands/ssh/copyFrom.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.778ef29/src/commands/ssh/copyFrom.ts)_
 ## `opal ssh copyTo`
@@ -508,7 +492,7 @@ EXAMPLES
   $ opal ssh:copyTo --src my/dir --dest instance/dir --id 51f7176b-0464-4a6f-8369-e951e187b398
 ```
-_See code: [src/commands/ssh/copyTo.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.0/src/commands/ssh/copyTo.ts)_
+_See code: [src/commands/ssh/copyTo.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.778ef29/src/commands/ssh/copyTo.ts)_
 ## `opal ssh start`
@@ -535,7 +519,7 @@ EXAMPLES
   $ opal ssh:start --id 51f7176b-0464-4a6f-8369-e951e187b398
 ```
-_See code: [src/commands/ssh/start.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.0/src/commands/ssh/start.ts)_
+_See code: [src/commands/ssh/start.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.778ef29/src/commands/ssh/start.ts)_
 ## `opal version`

package/lib/commands/request/list.d.ts CHANGED Viewed

@@ -2,6 +2,5 @@ import { Command } from "@oclif/core";
 export default class RequestList extends Command {
     static hidden: boolean;
     static description: string;
-    static aliases: string[];
     run(): Promise<void>;
 }

package/lib/commands/request/list.js CHANGED Viewed

@@ -3,6 +3,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
 const core_1 = require("@oclif/core");
 const utils_1 = require("../../utils/utils");
 class RequestList extends core_1.Command {
+    // static aliases = ["request:ls"];
     async run() {
         (0, utils_1.restrictToDev)(); //TODO: Remove after development is complete
         this.log("Running the list command");
@@ -10,5 +11,4 @@ class RequestList extends core_1.Command {
 }
 RequestList.hidden = true;
 RequestList.description = "Lists access requests";
-RequestList.aliases = ["request:ls"];
 exports.default = RequestList;

package/lib/graphql/gql.d.ts CHANGED Viewed

@@ -15,7 +15,8 @@ type Documents = {
     "\nquery GetGroup($id: GroupId!) {\n    group(input: { id: $id }) {\n    __typename\n    ... on GroupResult {\n      group {\n        name\n        id\n        description\n        groupType\n        adminOwnerId\n        groupLeaders {\n            fullName\n            email\n            id\n        }\n        connection {\n            name\n            id\n            connectionType\n        }\n        paginatedGroupUsers {\n            totalNumGroupUsers\n            groupUsers {\n                user {\n                    fullName\n                    email\n                    id\n                }\n            }\n        }\n      }\n    }\n    ... on GroupNotFoundError {\n      message\n    }\n  }\n}": typeof types.GetGroupDocument;
     "\nquery CheckAuthSessionQuery {\n  organizationSettings {\n    ... on OrganizationSettingsResult {\n      settings {\n        id\n      }\n    }\n  }\n}\n": typeof types.CheckAuthSessionQueryDocument;
     '\n  query GetRequestableAppsQuery($searchQuery: String) {\n    appsV2(\n      filters: {\n        access: REQUESTABLE\n        searchQuery: $searchQuery\n      }\n    ) @connection(key: "paginated-app-dropdown") {\n      edges {\n        node {\n          id\n          displayName\n          ... on Connection {\n            connectionType\n          }\n          ... on Resource {\n            resourceType\n          }\n        }\n      }\n      pageInfo {\n        hasNextPage\n        hasPreviousPage\n        startCursor\n        endCursor\n      }\n    }\n  }\n  ': typeof types.GetRequestableAppsQueryDocument;
-    "\n  query PaginatedEntityDropdown(\n  $id: UUID!\n  $searchQuery: String\n) {\n  app(id: $id) {\n    __typename\n    ... on App {\n      id\n      items(\n        input: {\n          access: REQUESTABLE\n          searchQuery: $searchQuery\n          includeOnlyRequestable: true\n        }\n      ) {\n        items {\n          key\n          resource {\n            id\n            name\n          }\n          group {\n            id\n            name\n          }\n        }\n        cursor\n      }\n    }\n  }\n}\n": typeof types.PaginatedEntityDropdownDocument;
+    "\n  query PaginatedEntityDropdown(\n  $id: UUID!\n  $searchQuery: String\n) {\n  app(id: $id) {\n    __typename\n    ... on App {\n      id\n      items(\n        input: {\n          access: REQUESTABLE\n          searchQuery: $searchQuery\n          includeOnlyRequestable: true\n        }\n      ) {\n        items {\n          key\n          resource {\n            id\n            name\n          }\n          group {\n            id\n            name\n          }\n        }\n        cursor\n      }\n    }\n    ... on AppNotFoundError {\n      message\n    }\n  }\n}\n": typeof types.PaginatedEntityDropdownDocument;
+    "\n  query ResourceAccessLevels($resourceId: ResourceId!) {\n    accessLevels(input: {\n      resourceId: $resourceId,\n      onlyMine: false,\n    }) {\n      __typename\n      ... on ResourceAccessLevelsResult {\n        accessLevels {\n          __typename\n          ... on ResourceAccessLevel {\n            accessLevelName\n            accessLevelRemoteId\n          }\n        }\n      }\n      ... on ResourceNotFoundError {\n        message\n      }\n    }\n  }\n": typeof types.ResourceAccessLevelsDocument;
 };
 declare const documents: Documents;
 /**
@@ -46,6 +47,10 @@ export declare function graphql(source: '\n  query GetRequestableAppsQuery($sear
 /**
  * The graphql function is used to parse GraphQL queries into a document that can be used by GraphQL clients.
  */
-export declare function graphql(source: "\n  query PaginatedEntityDropdown(\n  $id: UUID!\n  $searchQuery: String\n) {\n  app(id: $id) {\n    __typename\n    ... on App {\n      id\n      items(\n        input: {\n          access: REQUESTABLE\n          searchQuery: $searchQuery\n          includeOnlyRequestable: true\n        }\n      ) {\n        items {\n          key\n          resource {\n            id\n            name\n          }\n          group {\n            id\n            name\n          }\n        }\n        cursor\n      }\n    }\n  }\n}\n"): (typeof documents)["\n  query PaginatedEntityDropdown(\n  $id: UUID!\n  $searchQuery: String\n) {\n  app(id: $id) {\n    __typename\n    ... on App {\n      id\n      items(\n        input: {\n          access: REQUESTABLE\n          searchQuery: $searchQuery\n          includeOnlyRequestable: true\n        }\n      ) {\n        items {\n          key\n          resource {\n            id\n            name\n          }\n          group {\n            id\n            name\n          }\n        }\n        cursor\n      }\n    }\n  }\n}\n"];
+export declare function graphql(source: "\n  query PaginatedEntityDropdown(\n  $id: UUID!\n  $searchQuery: String\n) {\n  app(id: $id) {\n    __typename\n    ... on App {\n      id\n      items(\n        input: {\n          access: REQUESTABLE\n          searchQuery: $searchQuery\n          includeOnlyRequestable: true\n        }\n      ) {\n        items {\n          key\n          resource {\n            id\n            name\n          }\n          group {\n            id\n            name\n          }\n        }\n        cursor\n      }\n    }\n    ... on AppNotFoundError {\n      message\n    }\n  }\n}\n"): (typeof documents)["\n  query PaginatedEntityDropdown(\n  $id: UUID!\n  $searchQuery: String\n) {\n  app(id: $id) {\n    __typename\n    ... on App {\n      id\n      items(\n        input: {\n          access: REQUESTABLE\n          searchQuery: $searchQuery\n          includeOnlyRequestable: true\n        }\n      ) {\n        items {\n          key\n          resource {\n            id\n            name\n          }\n          group {\n            id\n            name\n          }\n        }\n        cursor\n      }\n    }\n    ... on AppNotFoundError {\n      message\n    }\n  }\n}\n"];
+/**
+ * The graphql function is used to parse GraphQL queries into a document that can be used by GraphQL clients.
+ */
+export declare function graphql(source: "\n  query ResourceAccessLevels($resourceId: ResourceId!) {\n    accessLevels(input: {\n      resourceId: $resourceId,\n      onlyMine: false,\n    }) {\n      __typename\n      ... on ResourceAccessLevelsResult {\n        accessLevels {\n          __typename\n          ... on ResourceAccessLevel {\n            accessLevelName\n            accessLevelRemoteId\n          }\n        }\n      }\n      ... on ResourceNotFoundError {\n        message\n      }\n    }\n  }\n"): (typeof documents)["\n  query ResourceAccessLevels($resourceId: ResourceId!) {\n    accessLevels(input: {\n      resourceId: $resourceId,\n      onlyMine: false,\n    }) {\n      __typename\n      ... on ResourceAccessLevelsResult {\n        accessLevels {\n          __typename\n          ... on ResourceAccessLevel {\n            accessLevelName\n            accessLevelRemoteId\n          }\n        }\n      }\n      ... on ResourceNotFoundError {\n        message\n      }\n    }\n  }\n"];
 export type DocumentType<TDocumentNode extends DocumentNode<any, any>> = TDocumentNode extends DocumentNode<infer TType, any> ? TType : never;
 export {};

package/lib/graphql/gql.js CHANGED Viewed

@@ -7,7 +7,8 @@ const documents = {
     "\nquery GetGroup($id: GroupId!) {\n    group(input: { id: $id }) {\n    __typename\n    ... on GroupResult {\n      group {\n        name\n        id\n        description\n        groupType\n        adminOwnerId\n        groupLeaders {\n            fullName\n            email\n            id\n        }\n        connection {\n            name\n            id\n            connectionType\n        }\n        paginatedGroupUsers {\n            totalNumGroupUsers\n            groupUsers {\n                user {\n                    fullName\n                    email\n                    id\n                }\n            }\n        }\n      }\n    }\n    ... on GroupNotFoundError {\n      message\n    }\n  }\n}": types.GetGroupDocument,
     "\nquery CheckAuthSessionQuery {\n  organizationSettings {\n    ... on OrganizationSettingsResult {\n      settings {\n        id\n      }\n    }\n  }\n}\n": types.CheckAuthSessionQueryDocument,
     '\n  query GetRequestableAppsQuery($searchQuery: String) {\n    appsV2(\n      filters: {\n        access: REQUESTABLE\n        searchQuery: $searchQuery\n      }\n    ) @connection(key: "paginated-app-dropdown") {\n      edges {\n        node {\n          id\n          displayName\n          ... on Connection {\n            connectionType\n          }\n          ... on Resource {\n            resourceType\n          }\n        }\n      }\n      pageInfo {\n        hasNextPage\n        hasPreviousPage\n        startCursor\n        endCursor\n      }\n    }\n  }\n  ': types.GetRequestableAppsQueryDocument,
-    "\n  query PaginatedEntityDropdown(\n  $id: UUID!\n  $searchQuery: String\n) {\n  app(id: $id) {\n    __typename\n    ... on App {\n      id\n      items(\n        input: {\n          access: REQUESTABLE\n          searchQuery: $searchQuery\n          includeOnlyRequestable: true\n        }\n      ) {\n        items {\n          key\n          resource {\n            id\n            name\n          }\n          group {\n            id\n            name\n          }\n        }\n        cursor\n      }\n    }\n  }\n}\n": types.PaginatedEntityDropdownDocument,
+    "\n  query PaginatedEntityDropdown(\n  $id: UUID!\n  $searchQuery: String\n) {\n  app(id: $id) {\n    __typename\n    ... on App {\n      id\n      items(\n        input: {\n          access: REQUESTABLE\n          searchQuery: $searchQuery\n          includeOnlyRequestable: true\n        }\n      ) {\n        items {\n          key\n          resource {\n            id\n            name\n          }\n          group {\n            id\n            name\n          }\n        }\n        cursor\n      }\n    }\n    ... on AppNotFoundError {\n      message\n    }\n  }\n}\n": types.PaginatedEntityDropdownDocument,
+    "\n  query ResourceAccessLevels($resourceId: ResourceId!) {\n    accessLevels(input: {\n      resourceId: $resourceId,\n      onlyMine: false,\n    }) {\n      __typename\n      ... on ResourceAccessLevelsResult {\n        accessLevels {\n          __typename\n          ... on ResourceAccessLevel {\n            accessLevelName\n            accessLevelRemoteId\n          }\n        }\n      }\n      ... on ResourceNotFoundError {\n        message\n      }\n    }\n  }\n": types.ResourceAccessLevelsDocument,
 };
 function graphql(source) {
     var _a;

package/lib/graphql/graphql.d.ts CHANGED Viewed

@@ -11514,9 +11514,28 @@ export type PaginatedEntityDropdownQuery = {
         };
     } | {
         __typename: "AppNotFoundError";
+        message: string;
+    };
+};
+export type ResourceAccessLevelsQueryVariables = Exact<{
+    resourceId: Scalars["ResourceId"]["input"];
+}>;
+export type ResourceAccessLevelsQuery = {
+    __typename?: "Query";
+    accessLevels: {
+        __typename: "ResourceAccessLevelsResult";
+        accessLevels: Array<{
+            __typename: "ResourceAccessLevel";
+            accessLevelName: string;
+            accessLevelRemoteId: string;
+        }>;
+    } | {
+        __typename: "ResourceNotFoundError";
+        message: string;
     };
 };
 export declare const GetGroupDocument: DocumentNode<GetGroupQuery, GetGroupQueryVariables>;
 export declare const CheckAuthSessionQueryDocument: DocumentNode<CheckAuthSessionQueryQuery, CheckAuthSessionQueryQueryVariables>;
 export declare const GetRequestableAppsQueryDocument: DocumentNode<GetRequestableAppsQueryQuery, GetRequestableAppsQueryQueryVariables>;
 export declare const PaginatedEntityDropdownDocument: DocumentNode<PaginatedEntityDropdownQuery, PaginatedEntityDropdownQueryVariables>;
+export declare const ResourceAccessLevelsDocument: DocumentNode<ResourceAccessLevelsQuery, ResourceAccessLevelsQueryVariables>;

package/lib/graphql/graphql.js CHANGED Viewed

@@ -2,7 +2,7 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.HealthStatus = exports.GroupUserSource = exports.GroupUserSortByField = exports.GroupType = exports.GroupResourceSource = exports.GroupBindingsSortByField = exports.GroupBindingSuggestionsSortByField = exports.GeneralSettingType = exports.FiltersMatchMode = exports.FactorType = exports.EventType = exports.EventSeverity = exports.ErrorNotificationSettingType = exports.EntityType = exports.ConnectionValidationStatus = exports.ConnectionValidationSeverity = exports.ConnectionType = exports.BundlesSortByField = exports.BundleItemsSortByField = exports.AuthType = exports.AuthSessionStatus = exports.AuthFlowType = exports.AssociatedItemsSortByField = exports.AssignmentsSortByField = exports.AppsSortByField = exports.AppType = exports.AppItemsSortByField = exports.AppCategory = exports.ApiAuthType = exports.ApiAccessLevel = exports.AldwinRole = exports.AccessType = exports.AccessRuleStatus = exports.AccessReviewUserWarningType = exports.AccessReviewType = exports.AccessReviewTab = exports.AccessReviewSummaryStatus = exports.AccessReviewStatus = exports.AccessReviewReviewerAssignmentPolicy = exports.AccessReviewItemsSortByField = exports.AccessReviewItemStatus = exports.AccessReviewItemOutcome = exports.AccessReviewGroupResourceVisibilityPolicy = exports.AccessReviewGroupItemKind = exports.AccessReviewEndUserView = exports.AccessReviewAssignedStatus = exports.AccessReviewAction = exports.AccessOption = exports.AccessChangeType = exports.AwsIdentityCenterImportSetting = void 0;
 exports.TaskTrigger = exports.TagsSortByField = exports.TagFilterMatchMode = exports.SyncType = exports.SyncTaskStatus = exports.SubEventsSortByField = exports.StringFormatType = exports.SortDirection = exports.ServiceType = exports.SearchType = exports.RolePermissionTargetType = exports.RolePermission = exports.RoleAssignmentsSortByField = exports.RoleAssignmentSource = exports.RiskLevel = exports.ReviewerUserStatus = exports.ReviewerAction = exports.ReviewStageOperator = exports.ResourceUserSource = exports.ResourceUserSortByField = exports.ResourceType = exports.RequestsSortByField = exports.RequestType = exports.RequestTemplateCustomFieldType = exports.RequestStatus = exports.RequestMessageLevel = exports.RequestMessageCode = exports.RequestApprovalType = exports.RecommendationsSubscoreType = exports.RecommendationsMetricType = exports.RecommendationsFeedbackType = exports.RecommendationsEntityType = exports.PubsubPublishMessageType = exports.PubsubPublishMessageStatusCode = exports.PubsubPublishConnectionType = exports.ProvisionSource = exports.PropagationTaskType = exports.PropagationStatusCode = exports.OwnersSortByField = exports.OrganizationType = exports.OidcProviderType = exports.NotificationType = exports.MessageChannelType = exports.MfaProvider = exports.IntegrationType = exports.ImportSetting = exports.IdpConnectionUserAttributeUseAs = exports.IdpConnectionType = exports.IdentityCategory = exports.HrIdpStatus = void 0;
-exports.PaginatedEntityDropdownDocument = exports.GetRequestableAppsQueryDocument = exports.CheckAuthSessionQueryDocument = exports.GetGroupDocument = exports.RequestDecisionLevel = exports.WebhookPubsubPublishConnectionAuthType = exports.WebhookPubsubPublishConnectionApiKeyLocation = exports.Visibility = exports.VerifyFactorStatus = exports.UsersSortByField = exports.UserProductRole = exports.UserErrorType = exports.UsageAttributionType = exports.UiSource = exports.TimePeriod = exports.TimeBucket = exports.ThirdPartyProvider = void 0;
+exports.ResourceAccessLevelsDocument = exports.PaginatedEntityDropdownDocument = exports.GetRequestableAppsQueryDocument = exports.CheckAuthSessionQueryDocument = exports.GetGroupDocument = exports.RequestDecisionLevel = exports.WebhookPubsubPublishConnectionAuthType = exports.WebhookPubsubPublishConnectionApiKeyLocation = exports.Visibility = exports.VerifyFactorStatus = exports.UsersSortByField = exports.UserProductRole = exports.UserErrorType = exports.UsageAttributionType = exports.UiSource = exports.TimePeriod = exports.TimeBucket = exports.ThirdPartyProvider = void 0;
 var AwsIdentityCenterImportSetting;
 (function (AwsIdentityCenterImportSetting) {
     AwsIdentityCenterImportSetting["All"] = "ALL";
@@ -2026,6 +2026,157 @@ exports.PaginatedEntityDropdownDocument = {
                                         ],
                                     },
                                 },
+                                {
+                                    kind: "InlineFragment",
+                                    typeCondition: {
+                                        kind: "NamedType",
+                                        name: { kind: "Name", value: "AppNotFoundError" },
+                                    },
+                                    selectionSet: {
+                                        kind: "SelectionSet",
+                                        selections: [
+                                            {
+                                                kind: "Field",
+                                                name: { kind: "Name", value: "message" },
+                                            },
+                                        ],
+                                    },
+                                },
+                            ],
+                        },
+                    },
+                ],
+            },
+        },
+    ],
+};
+exports.ResourceAccessLevelsDocument = {
+    kind: "Document",
+    definitions: [
+        {
+            kind: "OperationDefinition",
+            operation: "query",
+            name: { kind: "Name", value: "ResourceAccessLevels" },
+            variableDefinitions: [
+                {
+                    kind: "VariableDefinition",
+                    variable: {
+                        kind: "Variable",
+                        name: { kind: "Name", value: "resourceId" },
+                    },
+                    type: {
+                        kind: "NonNullType",
+                        type: {
+                            kind: "NamedType",
+                            name: { kind: "Name", value: "ResourceId" },
+                        },
+                    },
+                },
+            ],
+            selectionSet: {
+                kind: "SelectionSet",
+                selections: [
+                    {
+                        kind: "Field",
+                        name: { kind: "Name", value: "accessLevels" },
+                        arguments: [
+                            {
+                                kind: "Argument",
+                                name: { kind: "Name", value: "input" },
+                                value: {
+                                    kind: "ObjectValue",
+                                    fields: [
+                                        {
+                                            kind: "ObjectField",
+                                            name: { kind: "Name", value: "resourceId" },
+                                            value: {
+                                                kind: "Variable",
+                                                name: { kind: "Name", value: "resourceId" },
+                                            },
+                                        },
+                                        {
+                                            kind: "ObjectField",
+                                            name: { kind: "Name", value: "onlyMine" },
+                                            value: { kind: "BooleanValue", value: false },
+                                        },
+                                    ],
+                                },
+                            },
+                        ],
+                        selectionSet: {
+                            kind: "SelectionSet",
+                            selections: [
+                                { kind: "Field", name: { kind: "Name", value: "__typename" } },
+                                {
+                                    kind: "InlineFragment",
+                                    typeCondition: {
+                                        kind: "NamedType",
+                                        name: { kind: "Name", value: "ResourceAccessLevelsResult" },
+                                    },
+                                    selectionSet: {
+                                        kind: "SelectionSet",
+                                        selections: [
+                                            {
+                                                kind: "Field",
+                                                name: { kind: "Name", value: "accessLevels" },
+                                                selectionSet: {
+                                                    kind: "SelectionSet",
+                                                    selections: [
+                                                        {
+                                                            kind: "Field",
+                                                            name: { kind: "Name", value: "__typename" },
+                                                        },
+                                                        {
+                                                            kind: "InlineFragment",
+                                                            typeCondition: {
+                                                                kind: "NamedType",
+                                                                name: {
+                                                                    kind: "Name",
+                                                                    value: "ResourceAccessLevel",
+                                                                },
+                                                            },
+                                                            selectionSet: {
+                                                                kind: "SelectionSet",
+                                                                selections: [
+                                                                    {
+                                                                        kind: "Field",
+                                                                        name: {
+                                                                            kind: "Name",
+                                                                            value: "accessLevelName",
+                                                                        },
+                                                                    },
+                                                                    {
+                                                                        kind: "Field",
+                                                                        name: {
+                                                                            kind: "Name",
+                                                                            value: "accessLevelRemoteId",
+                                                                        },
+                                                                    },
+                                                                ],
+                                                            },
+                                                        },
+                                                    ],
+                                                },
+                                            },
+                                        ],
+                                    },
+                                },
+                                {
+                                    kind: "InlineFragment",
+                                    typeCondition: {
+                                        kind: "NamedType",
+                                        name: { kind: "Name", value: "ResourceNotFoundError" },
+                                    },
+                                    selectionSet: {
+                                        kind: "SelectionSet",
+                                        selections: [
+                                            {
+                                                kind: "Field",
+                                                name: { kind: "Name", value: "message" },
+                                            },
+                                        ],
+                                    },
+                                },
                             ],
                         },
                     },

package/lib/lib/requests.d.ts CHANGED Viewed

@@ -15,7 +15,7 @@ export interface RoleNode {
 export type RequestMap = Map<string, AppNode>;
 export declare function selectRequestableItems(cmd: Command, client: ApolloClient<NormalizedCacheObject>, requestMap: RequestMap): Promise<void>;
 export declare function chooseAssets(cmd: Command, client: ApolloClient<NormalizedCacheObject>, appId: string, requestMap: RequestMap): Promise<void>;
-export declare function chooseRoles(appId: string, assetId: string, requestMap: RequestMap): Promise<void>;
+export declare function chooseRoles(cmd: Command, client: ApolloClient<NormalizedCacheObject>, appId: string, assetId: string, requestMap: RequestMap): Promise<void>;
 export declare function doneSelectingAssets(): Promise<boolean>;
 export declare function promptForReason(): Promise<any>;
 export declare function promptForExpiration(): Promise<any>;

package/lib/lib/requests.js CHANGED Viewed

@@ -11,6 +11,7 @@ const inquirer = require("inquirer");
 const graphql_1 = require("../graphql");
 inquirer.registerPrompt("autocomplete", require("inquirer-autocomplete-prompt"));
 // Queries and Mutations
+// TODO: add pagination ability from CLI. (Load more...) option
 const GET_REQUESTABLE_APPS_QUERY = (0, graphql_1.graphql)(`
   query GetRequestableAppsQuery($searchQuery: String) {
     appsV2(
@@ -40,39 +41,6 @@ const GET_REQUESTABLE_APPS_QUERY = (0, graphql_1.graphql)(`
     }
   }
   `);
-const GET_ASSETS_QUERY = (0, graphql_1.graphql)(`
-  query PaginatedEntityDropdown(
-  $id: UUID!
-  $searchQuery: String
-) {
-  app(id: $id) {
-    __typename
-    ... on App {
-      id
-      items(
-        input: {
-          access: REQUESTABLE
-          searchQuery: $searchQuery
-          includeOnlyRequestable: true
-        }
-      ) {
-        items {
-          key
-          resource {
-            id
-            name
-          }
-          group {
-            id
-            name
-          }
-        }
-        cursor
-      }
-    }
-  }
-}
-`);
 async function queryRequestableApps(cmd, client, input) {
     var _a, _b;
     try {
@@ -107,8 +75,44 @@ async function queryRequestableApps(cmd, client, input) {
         }
     }
 }
+const GET_ASSETS_QUERY = (0, graphql_1.graphql)(`
+  query PaginatedEntityDropdown(
+  $id: UUID!
+  $searchQuery: String
+) {
+  app(id: $id) {
+    __typename
+    ... on App {
+      id
+      items(
+        input: {
+          access: REQUESTABLE
+          searchQuery: $searchQuery
+          includeOnlyRequestable: true
+        }
+      ) {
+        items {
+          key
+          resource {
+            id
+            name
+          }
+          group {
+            id
+            name
+          }
+        }
+        cursor
+      }
+    }
+    ... on AppNotFoundError {
+      message
+    }
+  }
+}
+`);
 async function queryRequestableAssets(cmd, client, appId, input) {
-    var _a, _b, _c, _d;
+    var _a, _b, _c, _d, _e, _f;
     try {
         const resp = await client.query({
             query: GET_ASSETS_QUERY,
@@ -137,10 +141,68 @@ async function queryRequestableAssets(cmd, client, appId, input) {
                     };
                 });
             case "AppNotFoundError":
-                x = cmd.error("App not found");
+                x = cmd.error((_f = (_e = resp.data) === null || _e === void 0 ? void 0 : _e.app) === null || _f === void 0 ? void 0 : _f.message);
+                break;
+            default:
+                cmd.error(resp.error || "Unknown error occurred.");
+        }
+    }
+    catch (error) {
+        if (error instanceof Error || typeof error === "string") {
+            cmd.error(error);
+        }
+    }
+}
+const RESOURCE_ROLES_QUERY = (0, graphql_1.graphql)(`
+  query ResourceAccessLevels($resourceId: ResourceId!) {
+    accessLevels(input: {
+      resourceId: $resourceId,
+      onlyMine: false,
+    }) {
+      __typename
+      ... on ResourceAccessLevelsResult {
+        accessLevels {
+          __typename
+          ... on ResourceAccessLevel {
+            accessLevelName
+            accessLevelRemoteId
+          }
+        }
+      }
+      ... on ResourceNotFoundError {
+        message
+      }
+    }
+  }
+`);
+async function queryResourceRoles(cmd, client, resourceId) {
+    var _a, _b, _c, _d, _e;
+    try {
+        const resp = await client.query({
+            query: RESOURCE_ROLES_QUERY,
+            variables: {
+                resourceId: resourceId,
+            },
+            fetchPolicy: "network-only", // to avoid caching
+        });
+        // no fall through doesn't consider process.exit();
+        let x;
+        switch (resp.data.accessLevels.__typename) {
+            case "ResourceAccessLevelsResult":
+                return (_c = (_b = (_a = resp.data) === null || _a === void 0 ? void 0 : _a.accessLevels) === null || _b === void 0 ? void 0 : _b.accessLevels) === null || _c === void 0 ? void 0 : _c.map((role) => {
+                    return {
+                        name: role.accessLevelName,
+                        value: {
+                            name: role.accessLevelName,
+                            id: role.accessLevelRemoteId,
+                        },
+                    };
+                });
+            case "ResourceNotFoundError":
+                x = cmd.error((_e = (_d = resp.data) === null || _d === void 0 ? void 0 : _d.accessLevels) === null || _e === void 0 ? void 0 : _e.message);
                 break;
             default:
-                cmd.error("Unknown error occurred.");
+                cmd.error(resp.error || "Unknown error occurred.");
         }
     }
     catch (error) {
@@ -198,16 +260,28 @@ async function chooseAssets(cmd, client, appId, requestMap) {
                 roles: new Map(),
             });
         }
-        await chooseRoles(appId, asset.id, requestMap);
+        await chooseRoles(cmd, client, appId, asset.id, requestMap);
     }
 }
-async function chooseRoles(appId, assetId, requestMap) {
-    var _a;
+async function chooseRoles(cmd, client, appId, assetId, requestMap) {
+    var _a, _b;
+    const resourceRoles = (_a = (await queryResourceRoles(cmd, client, assetId))) !== null && _a !== void 0 ? _a : [];
+    if (resourceRoles !== undefined &&
+        (resourceRoles.length === 0 ||
+            (resourceRoles.length === 1 && resourceRoles[0].name === ""))) {
+        return;
+    }
     const { roles } = await inquirer.prompt({
         name: "roles",
         type: "checkbox",
         message: `Select one or more roles for ${assetId}:`,
-        choices: ["push", "pull", "triage", "admin"],
+        choices: resourceRoles,
+        validate: (answer) => {
+            if ((resourceRoles === null || resourceRoles === void 0 ? void 0 : resourceRoles.length) > 1 && answer.length < 1) {
+                return "You must select at least one role.";
+            }
+            return true;
+        },
     });
     const entry = requestMap.get(appId);
     const assetEntry = entry === null || entry === void 0 ? void 0 : entry.assets.get(assetId);
@@ -215,8 +289,8 @@ async function chooseRoles(appId, assetId, requestMap) {
         throw new Error(`App ${appId} or Asset ${assetId} not found in requestMap`);
     }
     for (const role of roles) {
-        (_a = assetEntry.roles) === null || _a === void 0 ? void 0 : _a.set(role, {
-            roleName: role,
+        (_b = assetEntry.roles) === null || _b === void 0 ? void 0 : _b.set(role.id, {
+            roleName: role.name,
         });
     }
 }

package/lib/utils/displays.js CHANGED Viewed

@@ -32,18 +32,18 @@ function treeifyRequestMap(requestMap) {
     const requestTree = {};
     // Create a tree structure from the requestMap
     // Iterate over apps
-    for (const [_appId, appNode] of requestMap.entries()) {
+    for (const appNode of requestMap.values()) {
         const appKey = `🔧${appNode.appName}`;
         requestTree[appKey] = {}; // Initialize the app key
         // Iterate over assets
-        for (const [_assetId, assetNode] of appNode.assets.entries()) {
+        for (const assetNode of appNode.assets.values()) {
             const assetKey = `📦${assetNode.assetName}`;
             if (assetNode.roles !== undefined) {
                 // If no roles were previously selected
                 requestTree[appKey][assetKey] = {}; // Initialize the asset key
                 // Iterate over roles
-                for (const [roleName, _] of assetNode.roles.entries()) {
-                    requestTree[appKey][assetKey][roleName] = null; // Initialize the role key
+                for (const roleNode of assetNode.roles.values()) {
+                    requestTree[appKey][assetKey][roleNode.roleName] = null; // Initialize the role key
                 }
             }
             else {

package/oclif.manifest.json CHANGED Viewed

@@ -639,9 +639,7 @@
       ]
     },
     "request:list": {
-      "aliases": [
-        "request:ls"
-      ],
+      "aliases": [],
       "args": {},
       "description": "Lists access requests",
       "flags": {},
@@ -909,5 +907,5 @@
       ]
     }
   },
-  "version": "3.1.0"
+  "version": "3.1.1-beta.778ef29"
 }

package/package.json CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "name": "opal-security",
   "description": "Opal allows you to centrally manage access to all of your sensitive systems.",
-  "version": "3.1.0",
+  "version": "3.1.1-beta.778ef29",
   "author": "Stephen Cobbe",
   "bin": {
     "opal": "./bin/run"