opal-security 3.1.1-beta.7610828 → 3.1.1-beta.7648ca2

package/README.md

@@ -22,7 +22,7 @@ $ npm install -g opal-security
 $ opal COMMAND
 running command...
 $ opal (--version)
-opal-security/3.1.1-beta.7610828 linux-x64 node-v20.19.1
+opal-security/3.1.1-beta.7648ca2 linux-x64 node-v20.19.2
 $ opal --help [COMMAND]
 USAGE
   $ opal COMMAND
@@ -101,7 +101,7 @@ EXAMPLES
   $ opal aws:identity
 ```
 
-_See code: [src/commands/aws/identity.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.7610828/src/commands/aws/identity.ts)_
+_See code: [src/commands/aws/identity.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.7648ca2/src/commands/aws/identity.ts)_
 
 ## `opal clear-auth-provider`
 
@@ -121,7 +121,7 @@ EXAMPLES
   $ opal clear-auth-provider
 ```
 
-_See code: [src/commands/clear-auth-provider.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.7610828/src/commands/clear-auth-provider.ts)_
+_See code: [src/commands/clear-auth-provider.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.7648ca2/src/commands/clear-auth-provider.ts)_
 
 ## `opal curl-example`
 
@@ -138,7 +138,7 @@ DESCRIPTION
   Prints out an example cURL command containing the parameters the CLI uses to query the Opal server.
 ```
 
-_See code: [src/commands/curl-example.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.7610828/src/commands/curl-example.ts)_
+_See code: [src/commands/curl-example.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.7648ca2/src/commands/curl-example.ts)_
 
 ## `opal groups get`
 
@@ -159,7 +159,7 @@ EXAMPLES
   $ opal groups:get --id 54052a3e-5375-4392-aeaf-0c6c44c131d4
 ```
 
-_See code: [src/commands/groups/get.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.7610828/src/commands/groups/get.ts)_
+_See code: [src/commands/groups/get.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.7648ca2/src/commands/groups/get.ts)_
 
 ## `opal help [COMMANDS]`
 
@@ -209,7 +209,7 @@ EXAMPLES
   $ opal iam-roles:start --id 51f7176b-0464-4a6f-8369-e951e187b398 --profileName "custom-profile"
 ```
 
-_See code: [src/commands/iam-roles/start.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.7610828/src/commands/iam-roles/start.ts)_
+_See code: [src/commands/iam-roles/start.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.7648ca2/src/commands/iam-roles/start.ts)_
 
 ## `opal kube-roles start`
 
@@ -240,7 +240,7 @@ EXAMPLES
   $ opal kube-roles:start --id 51f7176b-0464-4a6f-8369-e951e187b398 --accessLevelRemoteId "arn:aws:iam::712234975475:role/acme-eks-cluster-admin-role"
 ```
 
-_See code: [src/commands/kube-roles/start.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.7610828/src/commands/kube-roles/start.ts)_
+_See code: [src/commands/kube-roles/start.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.7648ca2/src/commands/kube-roles/start.ts)_
 
 ## `opal login`
 
@@ -261,7 +261,7 @@ EXAMPLES
   $ opal login
 ```
 
-_See code: [src/commands/login.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.7610828/src/commands/login.ts)_
+_See code: [src/commands/login.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.7648ca2/src/commands/login.ts)_
 
 ## `opal logout`
 
@@ -281,7 +281,7 @@ EXAMPLES
   $ opal logout
 ```
 
-_See code: [src/commands/logout.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.7610828/src/commands/logout.ts)_
+_See code: [src/commands/logout.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.7648ca2/src/commands/logout.ts)_
 
 ## `opal postgres-instances start`
 
@@ -318,7 +318,7 @@ EXAMPLES
   $ opal postgres-instances:start --id 51f7176b-0464-4a6f-8369-e951e187b398 --accessLevelRemoteId fullaccess --action view
 ```
 
-_See code: [src/commands/postgres-instances/start.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.7610828/src/commands/postgres-instances/start.ts)_
+_See code: [src/commands/postgres-instances/start.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.7648ca2/src/commands/postgres-instances/start.ts)_
 
 ## `opal resources get`
 
@@ -339,7 +339,7 @@ EXAMPLES
   $ opal resources:get --id 54052a3e-5375-4392-aeaf-0c6c44c131d4
 ```
 
-_See code: [src/commands/resources/get.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.7610828/src/commands/resources/get.ts)_
+_See code: [src/commands/resources/get.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.7648ca2/src/commands/resources/get.ts)_
 
 ## `opal set-auth-provider`
 
@@ -365,7 +365,7 @@ EXAMPLES
   $ opal set-auth-provider --clientID 1234asdf --issuerUrl https://auth.example.com
 ```
 
-_See code: [src/commands/set-auth-provider.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.7610828/src/commands/set-auth-provider.ts)_
+_See code: [src/commands/set-auth-provider.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.7648ca2/src/commands/set-auth-provider.ts)_
 
 ## `opal set-custom-header`
 
@@ -386,7 +386,7 @@ EXAMPLES
   $ opal set-custom-header --header 'cf-access-token: $TOKEN'
 ```
 
-_See code: [src/commands/set-custom-header.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.7610828/src/commands/set-custom-header.ts)_
+_See code: [src/commands/set-custom-header.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.7648ca2/src/commands/set-custom-header.ts)_
 
 ## `opal set-token`
 
@@ -406,7 +406,7 @@ EXAMPLES
   $ opal set-token
 ```
 
-_See code: [src/commands/set-token.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.7610828/src/commands/set-token.ts)_
+_See code: [src/commands/set-token.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.7648ca2/src/commands/set-token.ts)_
 
 ## `opal set-url [URL]`
 
@@ -430,7 +430,7 @@ EXAMPLES
   $ opal set-url
 ```
 
-_See code: [src/commands/set-url.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.7610828/src/commands/set-url.ts)_
+_See code: [src/commands/set-url.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.7648ca2/src/commands/set-url.ts)_
 
 ## `opal ssh copyFrom`
 
@@ -461,7 +461,7 @@ EXAMPLES
   $ opal ssh:copyFrom --src instance/dir --dest my/dir --id 51f7176b-0464-4a6f-8369-e951e187b398
 ```
 
-_See code: [src/commands/ssh/copyFrom.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.7610828/src/commands/ssh/copyFrom.ts)_
+_See code: [src/commands/ssh/copyFrom.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.7648ca2/src/commands/ssh/copyFrom.ts)_
 
 ## `opal ssh copyTo`
 
@@ -492,7 +492,7 @@ EXAMPLES
   $ opal ssh:copyTo --src my/dir --dest instance/dir --id 51f7176b-0464-4a6f-8369-e951e187b398
 ```
 
-_See code: [src/commands/ssh/copyTo.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.7610828/src/commands/ssh/copyTo.ts)_
+_See code: [src/commands/ssh/copyTo.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.7648ca2/src/commands/ssh/copyTo.ts)_
 
 ## `opal ssh start`
 
@@ -519,7 +519,7 @@ EXAMPLES
   $ opal ssh:start --id 51f7176b-0464-4a6f-8369-e951e187b398
 ```
 
-_See code: [src/commands/ssh/start.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.7610828/src/commands/ssh/start.ts)_
+_See code: [src/commands/ssh/start.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.7648ca2/src/commands/ssh/start.ts)_
 
 ## `opal version`
 

package/lib/commands/request/create.js

@@ -10,7 +10,7 @@ class RequestCreate extends core_1.Command {
         await (0, apollo_1.initClient)(this, true);
         const client = await (0, apollo_1.getClient)(this, true);
         (0, utils_1.restrictToDev)(); //TODO: Remove after development is complete
-        const metadata = (0, requests_1.createEmptyRequestMetadata)();
+        const metadata = (0, requests_1.initEmptyRequestMetadata)();
         (0, displays_1.headerMessage)(this);
         let shouldProceed = false;
         while (!shouldProceed) {
@@ -25,13 +25,13 @@ class RequestCreate extends core_1.Command {
         // Step 4: Set Request Defaults
         await (0, requests_1.setRequestDefaults)(this, client, metadata);
         // Step 4: Prompt for request reason
-        const { reason } = await (0, requests_1.promptForReason)(metadata);
+        await (0, requests_1.promptForReason)(metadata);
         // Step 5: Prompt for expiration
-        const { expiration } = await (0, requests_1.promptForExpiration)(metadata);
+        await (0, requests_1.promptForExpiration)(metadata);
         // Step 6: Display final summary of request
-        (0, displays_1.displayFinalRequestSummary)(this, metadata.requestMap, reason, expiration.label);
+        (0, displays_1.displayFinalRequestSummary)(this, metadata);
         // Step 7: Prompt for final submition
-        await (0, requests_1.submitFinalRequest)(this);
+        await (0, requests_1.submitFinalRequest)(this, client, metadata);
     }
 }
 RequestCreate.hidden = true;

package/lib/commands/request/get.d.ts

@@ -7,5 +7,6 @@ export default class GetRequest extends Command {
         id: import("@oclif/core/lib/interfaces").OptionFlag<string | undefined, import("@oclif/core/lib/interfaces").CustomOptions>;
         verbose: import("@oclif/core/lib/interfaces").BooleanFlag<boolean>;
     };
+    static examples: string[];
     run(): Promise<void>;
 }

package/lib/commands/request/get.js

@@ -1,6 +1,7 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 const core_1 = require("@oclif/core");
+const chalk_1 = require("chalk");
 const graphql_1 = require("../../graphql");
 const apollo_1 = require("../../lib/apollo");
 const cmd_1 = require("../../lib/cmd");
@@ -76,15 +77,17 @@ class GetRequest extends core_1.Command {
             fetchPolicy: "network-only", // to avoid caching
         });
         switch (resp.data.request.__typename) {
-            case "RequestResult":
+            case "RequestResult": {
                 if (flags.verbose) {
                     (0, apollo_1.printResponse)(this, resp);
                 }
                 else {
                     (0, displays_1.displayRequestDetails)(this, resp);
                 }
-                this.log(`\n💡Click to see request details on web: ${configData[config_1.urlKey]}/requests/sent/${flags.id}`);
+                const url = `${configData[config_1.urlKey]}/requests/sent/${flags.id}`;
+                this.log(`\n💡Link to request details: ${chalk_1.default.underline(url)}`);
                 return;
+            }
             case "RequestNotFoundError":
                 this.log(`🚫 Request with id ${flags.id} was not found`);
                 return;
@@ -100,8 +103,12 @@ GetRequest.flags = {
     id: flags_1.SHARED_FLAGS.id,
     verbose: core_1.Flags.boolean({
         char: "v",
-        description: "Enable verbose output",
+        description: "Enable verbose output, prints full response in JSON format. Defaults to false.",
         default: false,
     }),
 };
+GetRequest.examples = [
+    "opal request get --id 54052a3e-5375-4392-aeaf-0c6c44c131d4",
+    "opal request get --id 54052a3e-5375-4392-aeaf-0c6c44c131d4 --verbose",
+];
 exports.default = GetRequest;

package/lib/commands/request/list.d.ts

@@ -2,11 +2,11 @@ import { Command } from "@oclif/core";
 export default class ListRequests extends Command {
     static hidden: boolean;
     static description: string;
+    static examples: string[];
     static flags: {
         help: import("@oclif/core/lib/interfaces").BooleanFlag<void>;
-        id: import("@oclif/core/lib/interfaces").OptionFlag<string | undefined, import("@oclif/core/lib/interfaces").CustomOptions>;
-        pageSize: import("@oclif/core/lib/interfaces").OptionFlag<number | undefined, import("@oclif/core/lib/interfaces").CustomOptions>;
-        showPendingOnly: import("@oclif/core/lib/interfaces").BooleanFlag<boolean>;
+        n: import("@oclif/core/lib/interfaces").OptionFlag<number, import("@oclif/core/lib/interfaces").CustomOptions>;
+        pending: import("@oclif/core/lib/interfaces").BooleanFlag<boolean>;
         verbose: import("@oclif/core/lib/interfaces").BooleanFlag<boolean>;
     };
     run(): Promise<void>;

package/lib/commands/request/list.js

@@ -4,7 +4,6 @@ const core_1 = require("@oclif/core");
 const graphql_1 = require("../../graphql");
 const apollo_1 = require("../../lib/apollo");
 const cmd_1 = require("../../lib/cmd");
-const config_1 = require("../../lib/config");
 const flags_1 = require("../../lib/flags");
 const displays_1 = require("../../utils/displays");
 const utils_1 = require("../../utils/utils");
@@ -62,19 +61,12 @@ class ListRequests extends core_1.Command {
     async run() {
         (0, utils_1.restrictToDev)(); //TODO: Remove after development is complete
         (0, cmd_1.setMostRecentCommand)(this);
-        const configData = (0, config_1.getOrCreateConfigData)(this.config.configDir);
         const client = await (0, apollo_1.getClient)(this, true);
         let pageSize = 10;
         let showPendingOnly = false;
         const { flags } = await this.parse(ListRequests);
-        if (flags.pageSize) {
-            if (flags.pageSize < 1) {
-                this.error("pageSize must be greater than 0");
-            }
-            if (flags.pageSize > 100) {
-                this.error("pageSize must be less than 100");
-            }
-            pageSize = flags.pageSize;
+        if (flags.n) {
+            pageSize = flags.pageSinze;
         }
         if (flags.showPendingOnly) {
             showPendingOnly = flags.showPendingOnly;
@@ -97,24 +89,32 @@ class ListRequests extends core_1.Command {
     }
 }
 ListRequests.hidden = true;
-ListRequests.description = "Lists your recent outgoing access requests.\
-      \n--pageSize flag sets number of requests to be returned. Defaults to 10 requests.\
-      \n--showPendingOnly flag will show only pending requests. Defaults to false.";
+ListRequests.description = "Lists your n recent outgoing access requests";
+ListRequests.examples = [
+    "opal request list --n 5",
+    "opal request list --n 5 --pending",
+    "opal request list --n 5 --verbose",
+    "opal request list --n 5 --pending --verbose",
+];
 // static aliases = ["request:ls"]; // uncomment when ready for release
 ListRequests.flags = {
     help: flags_1.SHARED_FLAGS.help,
-    id: flags_1.SHARED_FLAGS.id,
-    pageSize: core_1.Flags.integer({
+    n: core_1.Flags.integer({
+        char: "n",
         multiple: false,
-        description: "Sets number of requests to be returned. Defaults to 10 requests.",
+        description: "Defines number of requests to be returned. 1 <= n <= 100.",
+        default: 10,
+        min: 1,
+        max: 100,
     }),
-    showPendingOnly: core_1.Flags.boolean({
+    pending: core_1.Flags.boolean({
+        char: "p",
         description: "Show only pending requests. Defaults to false.",
         default: false,
     }),
     verbose: core_1.Flags.boolean({
         char: "v",
-        description: "Enable verbose output",
+        description: "Enable verbose output, prints full response in JSON format. Defaults to false.",
         default: false,
     }),
 };

package/lib/graphql/gql.d.ts

@@ -18,8 +18,10 @@ type Documents = {
     "\nquery CheckAuthSessionQuery {\n  organizationSettings {\n    ... on OrganizationSettingsResult {\n      settings {\n        id\n      }\n    }\n  }\n}\n": typeof types.CheckAuthSessionQueryDocument;
     '\n  query GetRequestableAppsQuery($searchQuery: String) {\n    appsV2(\n      filters: {\n        access: REQUESTABLE\n        searchQuery: $searchQuery\n      }\n    ) @connection(key: "paginated-app-dropdown") {\n      edges {\n        node {\n          id\n          displayName\n          ... on Connection {\n            connectionType\n          }\n          ... on Resource {\n            resourceType\n          }\n        }\n      }\n      pageInfo {\n        hasNextPage\n        hasPreviousPage\n        startCursor\n        endCursor\n      }\n    }\n  }\n  ': typeof types.GetRequestableAppsQueryDocument;
     "\n  query PaginatedEntityDropdown(\n  $id: UUID!\n  $searchQuery: String\n) {\n  app(id: $id) {\n    __typename\n    ... on App {\n      id\n      items(\n        input: {\n          access: REQUESTABLE\n          searchQuery: $searchQuery\n          includeOnlyRequestable: true\n        }\n      ) {\n        items {\n          key\n          resource {\n            id\n            name\n          }\n          group {\n            id\n            name\n          }\n        }\n        cursor\n      }\n    }\n    ... on AppNotFoundError {\n      message\n    }\n  }\n}\n": typeof types.PaginatedEntityDropdownDocument;
-    "\n  query ResourceAccessLevels($resourceId: ResourceId!) {\n    accessLevels(input: {\n      resourceId: $resourceId,\n      onlyMine: false,\n    }) {\n      __typename\n      ... on ResourceAccessLevelsResult {\n        accessLevels {\n          __typename\n          ... on ResourceAccessLevel {\n            accessLevelName\n            accessLevelRemoteId\n          }\n        }\n      }\n      ... on ResourceNotFoundError {\n        message\n      }\n    }\n  }\n": typeof types.ResourceAccessLevelsDocument;
-    "\n  query RequestDefaults(\n    $requestedResources: [RequestConfigurationResourceInput!]!\n    $requestedGroups: [RequestConfigurationGroupInput!]!\n    ) {\n    requestDefaults(input: {\n      requestedResources: $requestedResources,\n      requestedGroups: $requestedGroups,\n      }\n    ) {\n      durationOptions {\n        durationInMinutes\n        label\n      }\n      recommendedDurationInMinutes\n      defaultDurationInMinutes\n      maxDurationInMinutes\n      requireSupportTicket\n      reasonOptional\n      requesterIsAdmin\n    }\n  }": typeof types.RequestDefaultsDocument;
+    "\n  query ResourceAccessLevels($resourceId: ResourceId!) {\n    accessLevels(input: {\n      resourceId: $resourceId,\n      onlyMine: false,\n    }) {\n      __typename\n      ... on ResourceAccessLevelsResult {\n        accessLevels {\n          ... on ResourceAccessLevel {\n            accessLevelName\n            accessLevelRemoteId\n          }\n        }\n      }\n      ... on ResourceNotFoundError {\n        message\n      }\n    }\n  }\n": typeof types.ResourceAccessLevelsDocument;
+    "\nquery GroupAccessLevels($groupId: GroupId!) {\n  groupAccessLevels(\n    input: { groupId: $groupId }\n  ) {\n    ... on GroupAccessLevelsResult {\n      groupId\n      accessLevels {\n        ... on GroupAccessLevel {\n            accessLevelName\n            accessLevelRemoteId\n          }\n      }\n    }\n  }\n}\n": typeof types.GroupAccessLevelsDocument;
+    "\n  query RequestDefaults(\n    $requestedResources: [RequestConfigurationResourceInput!]!\n    $requestedGroups: [RequestConfigurationGroupInput!]!\n    ) {\n    requestDefaults(input: {\n      requestedResources: $requestedResources,\n      requestedGroups: $requestedGroups,\n      }\n    ) {\n      ... on RequestDefaults {\n        durationOptions {\n          durationInMinutes\n          label\n        }\n        recommendedDurationInMinutes\n        defaultDurationInMinutes\n        maxDurationInMinutes\n        requireSupportTicket\n        reasonOptional\n        requesterIsAdmin\n      }\n    }\n  }": typeof types.RequestDefaultsDocument;
+    "\n  mutation CreateRequest(\n    $requestedResources: [RequestedResourceInput!]!\n    $requestedGroups: [RequestedGroupInput!]!\n    $reason: String!\n    $durationInMinutes: Int\n  ) {\n    createRequest(\n      input: {\n        requestedResources: $requestedResources\n        requestedGroups: $requestedGroups\n        reason: $reason\n        durationInMinutes: $durationInMinutes\n      }\n    ) {\n      ... on CreateRequestResult {\n        request {\n          id\n          status\n        }\n      }\n      ... on RequestDurationTooLargeError {\n        message\n      }\n      ... on RequestRequiresUserAuthTokenForConnectionError {\n        message\n      }\n      ... on NoReviewersSetForOwnerError {\n        message\n        ownerId\n      }\n      ... on NoReviewersSetForResourceError {\n        message\n        resourceId\n      }\n      ... on NoReviewersSetForGroupError {\n        message\n        groupId\n      }\n      ... on NoManagerSetForRequestingUserError {\n        message\n      }\n      ... on MfaInvalidError {\n        message\n      }\n      ... on BulkRequestTooLargeError {\n        message\n      }\n      ... on ItemCannotBeRequestedError {\n        message\n      }\n      ... on UserCannotRequestAccessForTargetGroupError {\n        message\n        groupId\n        userId\n      }\n      ... on GroupNestingNotAllowedError {\n        message\n        fromGroupId\n        toGroupId\n      }\n      ... on TargetUserHasNestedAccessError {\n        message\n        groupIds\n      }\n      ... on RequestReasonMissingError {\n        message\n      }\n      ... on RequestFieldValueMissingError {\n        message\n        fieldName\n      }\n      ... on LinkedGroupNotRequestableError {\n        message\n        sourceGroupId\n        groupBindingId\n      }\n      ... on RequestReasonBelowMinLengthError {\n        message\n      }\n\n    }\n  }\n": typeof types.CreateRequestDocument;
 };
 declare const documents: Documents;
 /**
@@ -62,10 +64,18 @@ export declare function graphql(source: "\n  query PaginatedEntityDropdown(\n  $
 /**
  * The graphql function is used to parse GraphQL queries into a document that can be used by GraphQL clients.
  */
-export declare function graphql(source: "\n  query ResourceAccessLevels($resourceId: ResourceId!) {\n    accessLevels(input: {\n      resourceId: $resourceId,\n      onlyMine: false,\n    }) {\n      __typename\n      ... on ResourceAccessLevelsResult {\n        accessLevels {\n          __typename\n          ... on ResourceAccessLevel {\n            accessLevelName\n            accessLevelRemoteId\n          }\n        }\n      }\n      ... on ResourceNotFoundError {\n        message\n      }\n    }\n  }\n"): (typeof documents)["\n  query ResourceAccessLevels($resourceId: ResourceId!) {\n    accessLevels(input: {\n      resourceId: $resourceId,\n      onlyMine: false,\n    }) {\n      __typename\n      ... on ResourceAccessLevelsResult {\n        accessLevels {\n          __typename\n          ... on ResourceAccessLevel {\n            accessLevelName\n            accessLevelRemoteId\n          }\n        }\n      }\n      ... on ResourceNotFoundError {\n        message\n      }\n    }\n  }\n"];
+export declare function graphql(source: "\n  query ResourceAccessLevels($resourceId: ResourceId!) {\n    accessLevels(input: {\n      resourceId: $resourceId,\n      onlyMine: false,\n    }) {\n      __typename\n      ... on ResourceAccessLevelsResult {\n        accessLevels {\n          ... on ResourceAccessLevel {\n            accessLevelName\n            accessLevelRemoteId\n          }\n        }\n      }\n      ... on ResourceNotFoundError {\n        message\n      }\n    }\n  }\n"): (typeof documents)["\n  query ResourceAccessLevels($resourceId: ResourceId!) {\n    accessLevels(input: {\n      resourceId: $resourceId,\n      onlyMine: false,\n    }) {\n      __typename\n      ... on ResourceAccessLevelsResult {\n        accessLevels {\n          ... on ResourceAccessLevel {\n            accessLevelName\n            accessLevelRemoteId\n          }\n        }\n      }\n      ... on ResourceNotFoundError {\n        message\n      }\n    }\n  }\n"];
 /**
  * The graphql function is used to parse GraphQL queries into a document that can be used by GraphQL clients.
  */
-export declare function graphql(source: "\n  query RequestDefaults(\n    $requestedResources: [RequestConfigurationResourceInput!]!\n    $requestedGroups: [RequestConfigurationGroupInput!]!\n    ) {\n    requestDefaults(input: {\n      requestedResources: $requestedResources,\n      requestedGroups: $requestedGroups,\n      }\n    ) {\n      durationOptions {\n        durationInMinutes\n        label\n      }\n      recommendedDurationInMinutes\n      defaultDurationInMinutes\n      maxDurationInMinutes\n      requireSupportTicket\n      reasonOptional\n      requesterIsAdmin\n    }\n  }"): (typeof documents)["\n  query RequestDefaults(\n    $requestedResources: [RequestConfigurationResourceInput!]!\n    $requestedGroups: [RequestConfigurationGroupInput!]!\n    ) {\n    requestDefaults(input: {\n      requestedResources: $requestedResources,\n      requestedGroups: $requestedGroups,\n      }\n    ) {\n      durationOptions {\n        durationInMinutes\n        label\n      }\n      recommendedDurationInMinutes\n      defaultDurationInMinutes\n      maxDurationInMinutes\n      requireSupportTicket\n      reasonOptional\n      requesterIsAdmin\n    }\n  }"];
+export declare function graphql(source: "\nquery GroupAccessLevels($groupId: GroupId!) {\n  groupAccessLevels(\n    input: { groupId: $groupId }\n  ) {\n    ... on GroupAccessLevelsResult {\n      groupId\n      accessLevels {\n        ... on GroupAccessLevel {\n            accessLevelName\n            accessLevelRemoteId\n          }\n      }\n    }\n  }\n}\n"): (typeof documents)["\nquery GroupAccessLevels($groupId: GroupId!) {\n  groupAccessLevels(\n    input: { groupId: $groupId }\n  ) {\n    ... on GroupAccessLevelsResult {\n      groupId\n      accessLevels {\n        ... on GroupAccessLevel {\n            accessLevelName\n            accessLevelRemoteId\n          }\n      }\n    }\n  }\n}\n"];
+/**
+ * The graphql function is used to parse GraphQL queries into a document that can be used by GraphQL clients.
+ */
+export declare function graphql(source: "\n  query RequestDefaults(\n    $requestedResources: [RequestConfigurationResourceInput!]!\n    $requestedGroups: [RequestConfigurationGroupInput!]!\n    ) {\n    requestDefaults(input: {\n      requestedResources: $requestedResources,\n      requestedGroups: $requestedGroups,\n      }\n    ) {\n      ... on RequestDefaults {\n        durationOptions {\n          durationInMinutes\n          label\n        }\n        recommendedDurationInMinutes\n        defaultDurationInMinutes\n        maxDurationInMinutes\n        requireSupportTicket\n        reasonOptional\n        requesterIsAdmin\n      }\n    }\n  }"): (typeof documents)["\n  query RequestDefaults(\n    $requestedResources: [RequestConfigurationResourceInput!]!\n    $requestedGroups: [RequestConfigurationGroupInput!]!\n    ) {\n    requestDefaults(input: {\n      requestedResources: $requestedResources,\n      requestedGroups: $requestedGroups,\n      }\n    ) {\n      ... on RequestDefaults {\n        durationOptions {\n          durationInMinutes\n          label\n        }\n        recommendedDurationInMinutes\n        defaultDurationInMinutes\n        maxDurationInMinutes\n        requireSupportTicket\n        reasonOptional\n        requesterIsAdmin\n      }\n    }\n  }"];
+/**
+ * The graphql function is used to parse GraphQL queries into a document that can be used by GraphQL clients.
+ */
+export declare function graphql(source: "\n  mutation CreateRequest(\n    $requestedResources: [RequestedResourceInput!]!\n    $requestedGroups: [RequestedGroupInput!]!\n    $reason: String!\n    $durationInMinutes: Int\n  ) {\n    createRequest(\n      input: {\n        requestedResources: $requestedResources\n        requestedGroups: $requestedGroups\n        reason: $reason\n        durationInMinutes: $durationInMinutes\n      }\n    ) {\n      ... on CreateRequestResult {\n        request {\n          id\n          status\n        }\n      }\n      ... on RequestDurationTooLargeError {\n        message\n      }\n      ... on RequestRequiresUserAuthTokenForConnectionError {\n        message\n      }\n      ... on NoReviewersSetForOwnerError {\n        message\n        ownerId\n      }\n      ... on NoReviewersSetForResourceError {\n        message\n        resourceId\n      }\n      ... on NoReviewersSetForGroupError {\n        message\n        groupId\n      }\n      ... on NoManagerSetForRequestingUserError {\n        message\n      }\n      ... on MfaInvalidError {\n        message\n      }\n      ... on BulkRequestTooLargeError {\n        message\n      }\n      ... on ItemCannotBeRequestedError {\n        message\n      }\n      ... on UserCannotRequestAccessForTargetGroupError {\n        message\n        groupId\n        userId\n      }\n      ... on GroupNestingNotAllowedError {\n        message\n        fromGroupId\n        toGroupId\n      }\n      ... on TargetUserHasNestedAccessError {\n        message\n        groupIds\n      }\n      ... on RequestReasonMissingError {\n        message\n      }\n      ... on RequestFieldValueMissingError {\n        message\n        fieldName\n      }\n      ... on LinkedGroupNotRequestableError {\n        message\n        sourceGroupId\n        groupBindingId\n      }\n      ... on RequestReasonBelowMinLengthError {\n        message\n      }\n\n    }\n  }\n"): (typeof documents)["\n  mutation CreateRequest(\n    $requestedResources: [RequestedResourceInput!]!\n    $requestedGroups: [RequestedGroupInput!]!\n    $reason: String!\n    $durationInMinutes: Int\n  ) {\n    createRequest(\n      input: {\n        requestedResources: $requestedResources\n        requestedGroups: $requestedGroups\n        reason: $reason\n        durationInMinutes: $durationInMinutes\n      }\n    ) {\n      ... on CreateRequestResult {\n        request {\n          id\n          status\n        }\n      }\n      ... on RequestDurationTooLargeError {\n        message\n      }\n      ... on RequestRequiresUserAuthTokenForConnectionError {\n        message\n      }\n      ... on NoReviewersSetForOwnerError {\n        message\n        ownerId\n      }\n      ... on NoReviewersSetForResourceError {\n        message\n        resourceId\n      }\n      ... on NoReviewersSetForGroupError {\n        message\n        groupId\n      }\n      ... on NoManagerSetForRequestingUserError {\n        message\n      }\n      ... on MfaInvalidError {\n        message\n      }\n      ... on BulkRequestTooLargeError {\n        message\n      }\n      ... on ItemCannotBeRequestedError {\n        message\n      }\n      ... on UserCannotRequestAccessForTargetGroupError {\n        message\n        groupId\n        userId\n      }\n      ... on GroupNestingNotAllowedError {\n        message\n        fromGroupId\n        toGroupId\n      }\n      ... on TargetUserHasNestedAccessError {\n        message\n        groupIds\n      }\n      ... on RequestReasonMissingError {\n        message\n      }\n      ... on RequestFieldValueMissingError {\n        message\n        fieldName\n      }\n      ... on LinkedGroupNotRequestableError {\n        message\n        sourceGroupId\n        groupBindingId\n      }\n      ... on RequestReasonBelowMinLengthError {\n        message\n      }\n\n    }\n  }\n"];
 export type DocumentType<TDocumentNode extends DocumentNode<any, any>> = TDocumentNode extends DocumentNode<infer TType, any> ? TType : never;
 export {};

package/lib/graphql/gql.js

@@ -10,8 +10,10 @@ const documents = {
     "\nquery CheckAuthSessionQuery {\n  organizationSettings {\n    ... on OrganizationSettingsResult {\n      settings {\n        id\n      }\n    }\n  }\n}\n": types.CheckAuthSessionQueryDocument,
     '\n  query GetRequestableAppsQuery($searchQuery: String) {\n    appsV2(\n      filters: {\n        access: REQUESTABLE\n        searchQuery: $searchQuery\n      }\n    ) @connection(key: "paginated-app-dropdown") {\n      edges {\n        node {\n          id\n          displayName\n          ... on Connection {\n            connectionType\n          }\n          ... on Resource {\n            resourceType\n          }\n        }\n      }\n      pageInfo {\n        hasNextPage\n        hasPreviousPage\n        startCursor\n        endCursor\n      }\n    }\n  }\n  ': types.GetRequestableAppsQueryDocument,
     "\n  query PaginatedEntityDropdown(\n  $id: UUID!\n  $searchQuery: String\n) {\n  app(id: $id) {\n    __typename\n    ... on App {\n      id\n      items(\n        input: {\n          access: REQUESTABLE\n          searchQuery: $searchQuery\n          includeOnlyRequestable: true\n        }\n      ) {\n        items {\n          key\n          resource {\n            id\n            name\n          }\n          group {\n            id\n            name\n          }\n        }\n        cursor\n      }\n    }\n    ... on AppNotFoundError {\n      message\n    }\n  }\n}\n": types.PaginatedEntityDropdownDocument,
-    "\n  query ResourceAccessLevels($resourceId: ResourceId!) {\n    accessLevels(input: {\n      resourceId: $resourceId,\n      onlyMine: false,\n    }) {\n      __typename\n      ... on ResourceAccessLevelsResult {\n        accessLevels {\n          __typename\n          ... on ResourceAccessLevel {\n            accessLevelName\n            accessLevelRemoteId\n          }\n        }\n      }\n      ... on ResourceNotFoundError {\n        message\n      }\n    }\n  }\n": types.ResourceAccessLevelsDocument,
-    "\n  query RequestDefaults(\n    $requestedResources: [RequestConfigurationResourceInput!]!\n    $requestedGroups: [RequestConfigurationGroupInput!]!\n    ) {\n    requestDefaults(input: {\n      requestedResources: $requestedResources,\n      requestedGroups: $requestedGroups,\n      }\n    ) {\n      durationOptions {\n        durationInMinutes\n        label\n      }\n      recommendedDurationInMinutes\n      defaultDurationInMinutes\n      maxDurationInMinutes\n      requireSupportTicket\n      reasonOptional\n      requesterIsAdmin\n    }\n  }": types.RequestDefaultsDocument,
+    "\n  query ResourceAccessLevels($resourceId: ResourceId!) {\n    accessLevels(input: {\n      resourceId: $resourceId,\n      onlyMine: false,\n    }) {\n      __typename\n      ... on ResourceAccessLevelsResult {\n        accessLevels {\n          ... on ResourceAccessLevel {\n            accessLevelName\n            accessLevelRemoteId\n          }\n        }\n      }\n      ... on ResourceNotFoundError {\n        message\n      }\n    }\n  }\n": types.ResourceAccessLevelsDocument,
+    "\nquery GroupAccessLevels($groupId: GroupId!) {\n  groupAccessLevels(\n    input: { groupId: $groupId }\n  ) {\n    ... on GroupAccessLevelsResult {\n      groupId\n      accessLevels {\n        ... on GroupAccessLevel {\n            accessLevelName\n            accessLevelRemoteId\n          }\n      }\n    }\n  }\n}\n": types.GroupAccessLevelsDocument,
+    "\n  query RequestDefaults(\n    $requestedResources: [RequestConfigurationResourceInput!]!\n    $requestedGroups: [RequestConfigurationGroupInput!]!\n    ) {\n    requestDefaults(input: {\n      requestedResources: $requestedResources,\n      requestedGroups: $requestedGroups,\n      }\n    ) {\n      ... on RequestDefaults {\n        durationOptions {\n          durationInMinutes\n          label\n        }\n        recommendedDurationInMinutes\n        defaultDurationInMinutes\n        maxDurationInMinutes\n        requireSupportTicket\n        reasonOptional\n        requesterIsAdmin\n      }\n    }\n  }": types.RequestDefaultsDocument,
+    "\n  mutation CreateRequest(\n    $requestedResources: [RequestedResourceInput!]!\n    $requestedGroups: [RequestedGroupInput!]!\n    $reason: String!\n    $durationInMinutes: Int\n  ) {\n    createRequest(\n      input: {\n        requestedResources: $requestedResources\n        requestedGroups: $requestedGroups\n        reason: $reason\n        durationInMinutes: $durationInMinutes\n      }\n    ) {\n      ... on CreateRequestResult {\n        request {\n          id\n          status\n        }\n      }\n      ... on RequestDurationTooLargeError {\n        message\n      }\n      ... on RequestRequiresUserAuthTokenForConnectionError {\n        message\n      }\n      ... on NoReviewersSetForOwnerError {\n        message\n        ownerId\n      }\n      ... on NoReviewersSetForResourceError {\n        message\n        resourceId\n      }\n      ... on NoReviewersSetForGroupError {\n        message\n        groupId\n      }\n      ... on NoManagerSetForRequestingUserError {\n        message\n      }\n      ... on MfaInvalidError {\n        message\n      }\n      ... on BulkRequestTooLargeError {\n        message\n      }\n      ... on ItemCannotBeRequestedError {\n        message\n      }\n      ... on UserCannotRequestAccessForTargetGroupError {\n        message\n        groupId\n        userId\n      }\n      ... on GroupNestingNotAllowedError {\n        message\n        fromGroupId\n        toGroupId\n      }\n      ... on TargetUserHasNestedAccessError {\n        message\n        groupIds\n      }\n      ... on RequestReasonMissingError {\n        message\n      }\n      ... on RequestFieldValueMissingError {\n        message\n        fieldName\n      }\n      ... on LinkedGroupNotRequestableError {\n        message\n        sourceGroupId\n        groupBindingId\n      }\n      ... on RequestReasonBelowMinLengthError {\n        message\n      }\n\n    }\n  }\n": types.CreateRequestDocument,
 };
 function graphql(source) {
     var _a;

package/lib/graphql/graphql.d.ts

@@ -11629,7 +11629,7 @@ export type ResourceAccessLevelsQuery = {
     accessLevels: {
         __typename: "ResourceAccessLevelsResult";
         accessLevels: Array<{
-            __typename: "ResourceAccessLevel";
+            __typename?: "ResourceAccessLevel";
             accessLevelName: string;
             accessLevelRemoteId: string;
         }>;
@@ -11638,6 +11638,23 @@ export type ResourceAccessLevelsQuery = {
         message: string;
     };
 };
+export type GroupAccessLevelsQueryVariables = Exact<{
+    groupId: Scalars["GroupId"]["input"];
+}>;
+export type GroupAccessLevelsQuery = {
+    __typename?: "Query";
+    groupAccessLevels: {
+        __typename?: "GroupAccessLevelsResult";
+        groupId: string;
+        accessLevels?: Array<{
+            __typename?: "GroupAccessLevel";
+            accessLevelName: string;
+            accessLevelRemoteId: string;
+        }> | null;
+    } | {
+        __typename?: "GroupNotFoundError";
+    };
+};
 export type RequestDefaultsQueryVariables = Exact<{
     requestedResources: Array<RequestConfigurationResourceInput> | RequestConfigurationResourceInput;
     requestedGroups: Array<RequestConfigurationGroupInput> | RequestConfigurationGroupInput;
@@ -11659,6 +11676,82 @@ export type RequestDefaultsQuery = {
         }>;
     };
 };
+export type CreateRequestMutationVariables = Exact<{
+    requestedResources: Array<RequestedResourceInput> | RequestedResourceInput;
+    requestedGroups: Array<RequestedGroupInput> | RequestedGroupInput;
+    reason: Scalars["String"]["input"];
+    durationInMinutes?: InputMaybe<Scalars["Int"]["input"]>;
+}>;
+export type CreateRequestMutation = {
+    __typename?: "Mutation";
+    createRequest: {
+        __typename?: "BulkRequestTooLargeError";
+        message: string;
+    } | {
+        __typename?: "CreateRequestResult";
+        request: {
+            __typename?: "Request";
+            id: string;
+            status: RequestStatus;
+        };
+    } | {
+        __typename?: "GroupNestingNotAllowedError";
+        message: string;
+        fromGroupId: string;
+        toGroupId: string;
+    } | {
+        __typename?: "ItemCannotBeRequestedError";
+        message: string;
+    } | {
+        __typename?: "LinkedGroupNotRequestableError";
+        message: string;
+        sourceGroupId: string;
+        groupBindingId: string;
+    } | {
+        __typename?: "MfaInvalidError";
+        message: string;
+    } | {
+        __typename?: "NoManagerSetForRequestingUserError";
+        message: string;
+    } | {
+        __typename?: "NoReviewersSetForGroupError";
+        message: string;
+        groupId: string;
+    } | {
+        __typename?: "NoReviewersSetForOwnerError";
+        message: string;
+        ownerId: string;
+    } | {
+        __typename?: "NoReviewersSetForResourceError";
+        message: string;
+        resourceId: string;
+    } | {
+        __typename?: "RequestDurationTooLargeError";
+        message: string;
+    } | {
+        __typename?: "RequestFieldValueMissingError";
+        message: string;
+        fieldName: string;
+    } | {
+        __typename?: "RequestReasonBelowMinLengthError";
+        message: string;
+    } | {
+        __typename?: "RequestReasonMissingError";
+        message: string;
+    } | {
+        __typename?: "RequestRequiresUserAuthTokenForConnectionError";
+        message: string;
+    } | {
+        __typename?: "TargetUserHasNestedAccessError";
+        message: string;
+        groupIds?: Array<string> | null;
+    } | {
+        __typename?: "UserCannotRequestAccessForTargetGroupError";
+        message: string;
+        groupId: string;
+        userId: string;
+    };
+};
 export declare const GetGroupDocument: DocumentNode<GetGroupQuery, GetGroupQueryVariables>;
 export declare const GetRequestDocument: DocumentNode<GetRequestQuery, GetRequestQueryVariables>;
 export declare const GetRequestsDocument: DocumentNode<GetRequestsQuery, GetRequestsQueryVariables>;
@@ -11666,4 +11759,6 @@ export declare const CheckAuthSessionQueryDocument: DocumentNode<CheckAuthSessio
 export declare const GetRequestableAppsQueryDocument: DocumentNode<GetRequestableAppsQueryQuery, GetRequestableAppsQueryQueryVariables>;
 export declare const PaginatedEntityDropdownDocument: DocumentNode<PaginatedEntityDropdownQuery, PaginatedEntityDropdownQueryVariables>;
 export declare const ResourceAccessLevelsDocument: DocumentNode<ResourceAccessLevelsQuery, ResourceAccessLevelsQueryVariables>;
+export declare const GroupAccessLevelsDocument: DocumentNode<GroupAccessLevelsQuery, GroupAccessLevelsQueryVariables>;
 export declare const RequestDefaultsDocument: DocumentNode<RequestDefaultsQuery, RequestDefaultsQueryVariables>;
+export declare const CreateRequestDocument: DocumentNode<CreateRequestMutation, CreateRequestMutationVariables>;