opal-security 3.1.1-beta.8ec7545 → 3.1.1-beta.96a5722

package/README.md

@@ -22,7 +22,7 @@ $ npm install -g opal-security
 $ opal COMMAND
 running command...
 $ opal (--version)
-opal-security/3.1.1-beta.8ec7545 linux-x64 node-v20.19.2
+opal-security/3.1.1-beta.96a5722 linux-x64 node-v20.19.2
 $ opal --help [COMMAND]
 USAGE
   $ opal COMMAND
@@ -53,6 +53,7 @@ USAGE
 * [`opal ssh copyTo`](#opal-ssh-copyto)
 * [`opal ssh start`](#opal-ssh-start)
 * [`opal version`](#opal-version)
+* [`opal whoami`](#opal-whoami)
 
 ## `opal autocomplete [SHELL]`
 
@@ -101,7 +102,7 @@ EXAMPLES
   $ opal aws:identity
 ```
 
-_See code: [src/commands/aws/identity.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.8ec7545/src/commands/aws/identity.ts)_
+_See code: [src/commands/aws/identity.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.96a5722/src/commands/aws/identity.ts)_
 
 ## `opal clear-auth-provider`
 
@@ -121,7 +122,7 @@ EXAMPLES
   $ opal clear-auth-provider
 ```
 
-_See code: [src/commands/clear-auth-provider.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.8ec7545/src/commands/clear-auth-provider.ts)_
+_See code: [src/commands/clear-auth-provider.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.96a5722/src/commands/clear-auth-provider.ts)_
 
 ## `opal curl-example`
 
@@ -138,7 +139,7 @@ DESCRIPTION
   Prints out an example cURL command containing the parameters the CLI uses to query the Opal server.
 ```
 
-_See code: [src/commands/curl-example.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.8ec7545/src/commands/curl-example.ts)_
+_See code: [src/commands/curl-example.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.96a5722/src/commands/curl-example.ts)_
 
 ## `opal groups get`
 
@@ -159,7 +160,7 @@ EXAMPLES
   $ opal groups:get --id 54052a3e-5375-4392-aeaf-0c6c44c131d4
 ```
 
-_See code: [src/commands/groups/get.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.8ec7545/src/commands/groups/get.ts)_
+_See code: [src/commands/groups/get.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.96a5722/src/commands/groups/get.ts)_
 
 ## `opal help [COMMANDS]`
 
@@ -209,7 +210,7 @@ EXAMPLES
   $ opal iam-roles:start --id 51f7176b-0464-4a6f-8369-e951e187b398 --profileName "custom-profile"
 ```
 
-_See code: [src/commands/iam-roles/start.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.8ec7545/src/commands/iam-roles/start.ts)_
+_See code: [src/commands/iam-roles/start.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.96a5722/src/commands/iam-roles/start.ts)_
 
 ## `opal kube-roles start`
 
@@ -240,7 +241,7 @@ EXAMPLES
   $ opal kube-roles:start --id 51f7176b-0464-4a6f-8369-e951e187b398 --accessLevelRemoteId "arn:aws:iam::712234975475:role/acme-eks-cluster-admin-role"
 ```
 
-_See code: [src/commands/kube-roles/start.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.8ec7545/src/commands/kube-roles/start.ts)_
+_See code: [src/commands/kube-roles/start.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.96a5722/src/commands/kube-roles/start.ts)_
 
 ## `opal login`
 
@@ -261,7 +262,7 @@ EXAMPLES
   $ opal login
 ```
 
-_See code: [src/commands/login.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.8ec7545/src/commands/login.ts)_
+_See code: [src/commands/login.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.96a5722/src/commands/login.ts)_
 
 ## `opal logout`
 
@@ -281,7 +282,7 @@ EXAMPLES
   $ opal logout
 ```
 
-_See code: [src/commands/logout.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.8ec7545/src/commands/logout.ts)_
+_See code: [src/commands/logout.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.96a5722/src/commands/logout.ts)_
 
 ## `opal postgres-instances start`
 
@@ -318,7 +319,7 @@ EXAMPLES
   $ opal postgres-instances:start --id 51f7176b-0464-4a6f-8369-e951e187b398 --accessLevelRemoteId fullaccess --action view
 ```
 
-_See code: [src/commands/postgres-instances/start.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.8ec7545/src/commands/postgres-instances/start.ts)_
+_See code: [src/commands/postgres-instances/start.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.96a5722/src/commands/postgres-instances/start.ts)_
 
 ## `opal resources get`
 
@@ -339,7 +340,7 @@ EXAMPLES
   $ opal resources:get --id 54052a3e-5375-4392-aeaf-0c6c44c131d4
 ```
 
-_See code: [src/commands/resources/get.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.8ec7545/src/commands/resources/get.ts)_
+_See code: [src/commands/resources/get.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.96a5722/src/commands/resources/get.ts)_
 
 ## `opal set-auth-provider`
 
@@ -365,7 +366,7 @@ EXAMPLES
   $ opal set-auth-provider --clientID 1234asdf --issuerUrl https://auth.example.com
 ```
 
-_See code: [src/commands/set-auth-provider.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.8ec7545/src/commands/set-auth-provider.ts)_
+_See code: [src/commands/set-auth-provider.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.96a5722/src/commands/set-auth-provider.ts)_
 
 ## `opal set-custom-header`
 
@@ -386,7 +387,7 @@ EXAMPLES
   $ opal set-custom-header --header 'cf-access-token: $TOKEN'
 ```
 
-_See code: [src/commands/set-custom-header.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.8ec7545/src/commands/set-custom-header.ts)_
+_See code: [src/commands/set-custom-header.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.96a5722/src/commands/set-custom-header.ts)_
 
 ## `opal set-token`
 
@@ -406,7 +407,7 @@ EXAMPLES
   $ opal set-token
 ```
 
-_See code: [src/commands/set-token.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.8ec7545/src/commands/set-token.ts)_
+_See code: [src/commands/set-token.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.96a5722/src/commands/set-token.ts)_
 
 ## `opal set-url [URL]`
 
@@ -430,7 +431,7 @@ EXAMPLES
   $ opal set-url
 ```
 
-_See code: [src/commands/set-url.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.8ec7545/src/commands/set-url.ts)_
+_See code: [src/commands/set-url.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.96a5722/src/commands/set-url.ts)_
 
 ## `opal ssh copyFrom`
 
@@ -461,7 +462,7 @@ EXAMPLES
   $ opal ssh:copyFrom --src instance/dir --dest my/dir --id 51f7176b-0464-4a6f-8369-e951e187b398
 ```
 
-_See code: [src/commands/ssh/copyFrom.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.8ec7545/src/commands/ssh/copyFrom.ts)_
+_See code: [src/commands/ssh/copyFrom.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.96a5722/src/commands/ssh/copyFrom.ts)_
 
 ## `opal ssh copyTo`
 
@@ -492,7 +493,7 @@ EXAMPLES
   $ opal ssh:copyTo --src my/dir --dest instance/dir --id 51f7176b-0464-4a6f-8369-e951e187b398
 ```
 
-_See code: [src/commands/ssh/copyTo.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.8ec7545/src/commands/ssh/copyTo.ts)_
+_See code: [src/commands/ssh/copyTo.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.96a5722/src/commands/ssh/copyTo.ts)_
 
 ## `opal ssh start`
 
@@ -519,7 +520,7 @@ EXAMPLES
   $ opal ssh:start --id 51f7176b-0464-4a6f-8369-e951e187b398
 ```
 
-_See code: [src/commands/ssh/start.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.8ec7545/src/commands/ssh/start.ts)_
+_See code: [src/commands/ssh/start.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.96a5722/src/commands/ssh/start.ts)_
 
 ## `opal version`
 
@@ -540,4 +541,21 @@ FLAG DESCRIPTIONS
 ```
 
 _See code: [@oclif/plugin-version](https://github.com/oclif/plugin-version/blob/v2.2.27/src/commands/version.ts)_
+
+## `opal whoami`
+
+Describes current url set, organization name, and logged in user if applicabled.
+
+```
+USAGE
+  $ opal whoami [-h]
+
+FLAGS
+  -h, --help  Show CLI help.
+
+DESCRIPTION
+  Describes current url set, organization name, and logged in user if applicabled.
+```
+
+_See code: [src/commands/whoami.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.96a5722/src/commands/whoami.ts)_
 <!-- commandsstop -->

package/lib/commands/login.js

@@ -88,12 +88,14 @@ class Login extends core_1.Command {
             const configData = (0, config_1.getOrCreateConfigData)(configDir);
             let email = flags.email;
             let organizationId;
+            let organizationName;
             let clientIDCandidate;
             const existingCreds = await (0, credentials_1.getOpalCredentials)(this, false);
             // Only use the previous email + organizationID if email isn't explicitly specified.
             if (!email) {
                 email = existingCreds.email;
                 organizationId = existingCreds.organizationID;
+                organizationName = existingCreds.organizationName;
                 clientIDCandidate = existingCreds.clientIDCandidate;
             }
             await (0, credentials_1.removeOpalCredentials)(this);
@@ -149,6 +151,7 @@ class Login extends core_1.Command {
                 if (signInOrganizations && signInOrganizations.length > 0) {
                     if (signInOrganizations.length === 1) {
                         organizationId = signInOrganizations[0].organizationId;
+                        organizationName = signInOrganizations[0].organizationName;
                         clientIDCandidate = signInOrganizations[0].cliClientId;
                     }
                     else {
@@ -164,6 +167,7 @@ class Login extends core_1.Command {
                             },
                         ]);
                         organizationId = responses.signInOrganization.organizationId;
+                        organizationName = responses.signInOrganization.organizationName;
                         clientIDCandidate = responses.signInOrganization.cliClientId;
                     }
                 }
@@ -238,10 +242,10 @@ class Login extends core_1.Command {
             if (tokenExchangeError) {
                 this.log("WARN: Failed to exchange access token for session in Opal. Falling back to using access token for authenticating requests\n");
                 // TODO: consider adding a warn line recommending upgrading Opal to version XYZ, once accompanying PR is pushed to prod
-                await (0, credentials_1.setOpalCredentials)(this, email, organizationId !== null && organizationId !== void 0 ? organizationId : "", clientIDCandidate, (tokenSet === null || tokenSet === void 0 ? void 0 : tokenSet.access_token) || "", credentials_1.SecretType.ApiToken);
+                await (0, credentials_1.setOpalCredentials)(this, email, organizationId !== null && organizationId !== void 0 ? organizationId : "", clientIDCandidate, (tokenSet === null || tokenSet === void 0 ? void 0 : tokenSet.access_token) || "", credentials_1.SecretType.ApiToken, organizationName);
             }
             else {
-                await (0, credentials_1.setOpalCredentials)(this, email, organizationId !== null && organizationId !== void 0 ? organizationId : "", clientIDCandidate, apollo_1.cookieStr, credentials_1.SecretType.Cookie);
+                await (0, credentials_1.setOpalCredentials)(this, email, organizationId !== null && organizationId !== void 0 ? organizationId : "", clientIDCandidate, apollo_1.cookieStr, credentials_1.SecretType.Cookie, organizationName);
             }
             // "Representative" authenticated call to check the log-in worked as expected.
             const { resp: authCheckResp, error: authCheckErr } = await (0, handler_1.runQueryDeprecated)({

package/lib/commands/request/create.d.ts

@@ -4,7 +4,7 @@ export default class RequestCreate extends Command {
     static description: string;
     static flags: {
         help: import("@oclif/core/lib/interfaces").BooleanFlag<void>;
-        id: import("@oclif/core/lib/interfaces").OptionFlag<string[] | undefined, import("@oclif/core/lib/interfaces").CustomOptions>;
+        assets: import("@oclif/core/lib/interfaces").OptionFlag<string[] | undefined, import("@oclif/core/lib/interfaces").CustomOptions>;
         reason: import("@oclif/core/lib/interfaces").OptionFlag<string | undefined, import("@oclif/core/lib/interfaces").CustomOptions>;
         duration: import("@oclif/core/lib/interfaces").OptionFlag<number | undefined, import("@oclif/core/lib/interfaces").CustomOptions>;
     };

package/lib/commands/request/create.js

@@ -13,9 +13,9 @@ class RequestCreate extends core_1.Command {
         (0, utils_1.restrictToDev)(); //TODO: Remove after development is complete
         const { flags } = await this.parse(RequestCreate);
         const metadata = (0, requests_1.initEmptyRequestMetadata)();
-        if (flags.id) {
+        if (flags.assets) {
             // if IDs are provided, bypass the interactive selection process
-            await (0, requests_1.bypassRequestSelection)(this, client, flags.id, metadata);
+            await (0, requests_1.bypassRequestSelection)(this, client, flags.assets, metadata);
         }
         else {
             (0, displays_1.headerMessage)(this);
@@ -36,7 +36,9 @@ class RequestCreate extends core_1.Command {
         if (flags.reason) {
             metadata.reason = flags.reason;
         }
-        else {
+        else if (!(metadata.requestDefaults.reasonOptional &&
+            flags.assets &&
+            flags.duration)) {
             await (0, requests_1.promptForReason)(metadata);
         }
         // Step 5: Prompt for expiration
@@ -48,7 +50,9 @@ class RequestCreate extends core_1.Command {
         }
         // Step 6: Display final summary of request
         let canSubmit = true;
-        if (!(flags.id && flags.reason && flags.duration)) {
+        if (!(flags.assets &&
+            flags.duration &&
+            (metadata.requestDefaults.reasonOptional || flags.reason))) {
             canSubmit = await (0, requests_1.promptRequestSubmission)(this, metadata);
         }
         // Step 7: Prompt for final submission
@@ -60,10 +64,10 @@ RequestCreate.hidden = true;
 RequestCreate.description = "Creates an Opal access request via an interactive form";
 RequestCreate.flags = {
     help: flags_1.SHARED_FLAGS.help,
-    id: core_1.Flags.string({
-        char: "i",
+    assets: core_1.Flags.string({
+        char: "a",
         multiple: true,
-        description: "The id of the asset (resource, group) to request access to. Append a role ID using a colon if needed, e.g. `--id 123:456`.\
+        description: "The ids of the assets (resource, group) to request access to. Append a role ID using a colon if needed, e.g. `--assets 123:456`.\
         \n If not provided, an interactive selection flow will be available to select assets to request.",
     }),
     reason: core_1.Flags.string({

package/lib/commands/whoami.d.ts

@@ -0,0 +1,8 @@
+import { Command } from "@oclif/core";
+export default class WhoAmI extends Command {
+    static description: string;
+    static flags: {
+        help: import("@oclif/core/lib/interfaces").BooleanFlag<void>;
+    };
+    run(): Promise<void>;
+}

package/lib/commands/whoami.js

@@ -0,0 +1,34 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const core_1 = require("@oclif/core");
+const config_1 = require("../lib/config");
+const credentials_1 = require("../lib/credentials");
+const flags_1 = require("../lib/flags");
+class WhoAmI extends core_1.Command {
+    async run() {
+        const opalCreds = await (0, credentials_1.getOpalCredentials)(this, false);
+        const organizationName = opalCreds === null || opalCreds === void 0 ? void 0 : opalCreds.organizationName;
+        const email = opalCreds === null || opalCreds === void 0 ? void 0 : opalCreds.email;
+        const configData = (0, config_1.getOrCreateConfigData)(this.config.configDir);
+        const url = configData[config_1.urlKey];
+        if (email) {
+            this.log(`User:         ${email}`);
+        }
+        if (organizationName) {
+            if (organizationName === "unset-org-id") {
+                this.log("Authenticated with Opal API Token.");
+            }
+            else {
+                this.log(`Organization: ${organizationName}`);
+            }
+        }
+        if (url) {
+            this.log(`Server:       ${url}`);
+        }
+    }
+}
+WhoAmI.description = "Describes current url set, organization name, and logged in user if applicabled.";
+WhoAmI.flags = {
+    help: flags_1.SHARED_FLAGS.help,
+};
+exports.default = WhoAmI;

package/lib/lib/credentials/index.d.ts

@@ -5,12 +5,13 @@ interface OpalCredentials {
     clientIDCandidate?: string;
     secret?: string;
     secretType?: SecretType;
+    organizationName?: string;
 }
 export declare enum SecretType {
     Cookie = "COOKIE",
     ApiToken = "API_TOKEN"
 }
-export declare const setOpalCredentials: (command: Command, email: string | undefined, organizationID: string, clientIDCandidate: string | undefined | null, secret: string, secretType: SecretType) => Promise<void>;
+export declare const setOpalCredentials: (command: Command, email: string | undefined, organizationID: string, clientIDCandidate: string | undefined | null, secret: string, secretType: SecretType, organizationName?: string) => Promise<void>;
 export declare const getOpalCredentials: (command: Command, includeAuthSecret?: boolean) => Promise<OpalCredentials>;
 export declare const removeOpalCredentials: (command: Command) => Promise<void>;
 export {};

package/lib/lib/credentials/index.js

@@ -9,13 +9,14 @@ var SecretType;
     SecretType["Cookie"] = "COOKIE";
     SecretType["ApiToken"] = "API_TOKEN";
 })(SecretType || (exports.SecretType = SecretType = {}));
-const setOpalCredentials = async (command, email, organizationID, clientIDCandidate, secret, secretType) => {
+const setOpalCredentials = async (command, email, organizationID, clientIDCandidate, secret, secretType, organizationName) => {
     const givenEmail = email || "email-unset";
     const configData = (0, config_1.getOrCreateConfigData)(command.config.configDir);
     configData.creds = {
         clientIDCandidate,
         email,
         organizationID,
+        organizationName,
         secretType,
     };
     (0, config_1.writeConfigData)(command.config.configDir, configData);

package/lib/lib/requests.d.ts

@@ -19,6 +19,7 @@ type RoleNode = {
     roleName: string;
 };
 export type RequestMap = Record<string, AppNode>;
+export declare const DISPLAY_LABELS: Partial<Record<EntityType, string>>;
 type DurationOption = {
     durationInMinutes: number;
     label: string;

package/lib/lib/requests.js

@@ -1,5 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.DISPLAY_LABELS = void 0;
 exports.initEmptyRequestMetadata = initEmptyRequestMetadata;
 exports.selectRequestableItems = selectRequestableItems;
 exports.doneSelectingAssets = doneSelectingAssets;
@@ -15,7 +16,7 @@ const graphql_1 = require("../graphql");
 const graphql_2 = require("../graphql/graphql");
 const displays_1 = require("../utils/displays");
 const config_1 = require("./config");
-const { AutoComplete, Select, prompt, Form, confirm } = require("enquirer");
+const { AutoComplete, Select, prompt, Form } = require("enquirer");
 function entityTypeFromString(str) {
     const capStr = str === null || str === void 0 ? void 0 : str.toLocaleUpperCase();
     if (capStr === "RESOURCE") {
@@ -27,6 +28,10 @@ function entityTypeFromString(str) {
     // if type unknown, default to resource
     return graphql_2.EntityType.Resource;
 }
+exports.DISPLAY_LABELS = {
+    [graphql_2.EntityType.Resource]: "Resource",
+    [graphql_2.EntityType.Group]: "Group",
+};
 function initEmptyRequestMetadata() {
     // Initialize with empty defaults
     const requestDefaults = {
@@ -238,7 +243,7 @@ async function queryAssetRoles(cmd, client, assetType, assetId) {
     var _a, _b, _c, _d, _e, _f, _g, _h;
     try {
         switch (assetType) {
-            case "Resource": {
+            case graphql_2.EntityType.Resource: {
                 const resp = await client.query({
                     query: RESOURCE_ROLES_QUERY,
                     variables: {
@@ -267,7 +272,7 @@ async function queryAssetRoles(cmd, client, assetType, assetId) {
                 }
                 return;
             }
-            case "Group": {
+            case graphql_2.EntityType.Group: {
                 const resp = await client.query({
                     query: GROUP_ROLES_QUERY,
                     variables: {
@@ -697,7 +702,7 @@ function appRolesFromEdge(edge) {
                     value: {
                         id: edge.node.id + accessLevel.accessLevelRemoteId,
                         name: accessLevel.accessLevelName,
-                        type: graphql_2.EntityType.Resource,
+                        type: exports.DISPLAY_LABELS[graphql_2.EntityType.Resource],
                         toString: () => accessLevel.accessLevelName,
                     },
                 }));
@@ -708,7 +713,7 @@ function appRolesFromEdge(edge) {
                     value: {
                         id: edge.node.id,
                         name: (_b = edge.alias) !== null && _b !== void 0 ? _b : edge.node.name,
-                        type: graphql_2.EntityType.Resource,
+                        type: exports.DISPLAY_LABELS[graphql_2.EntityType.Resource],
                         toString: () => { var _a; return (_a = edge.alias) !== null && _a !== void 0 ? _a : edge.node.name; },
                     },
                 },
@@ -717,11 +722,11 @@ function appRolesFromEdge(edge) {
         case "Group":
             return [
                 {
-                    message: (_c = edge.alias) !== null && _c !== void 0 ? _c : edge.node.name,
+                    message: `${(_c = edge.alias) !== null && _c !== void 0 ? _c : edge.node.name} ${graphql_2.EntityType.Group}`,
                     value: {
                         id: edge.node.id,
                         name: (_d = edge.alias) !== null && _d !== void 0 ? _d : edge.node.name,
-                        type: graphql_2.EntityType.Group,
+                        type: exports.DISPLAY_LABELS[graphql_2.EntityType.Group],
                         toString: () => { var _a; return (_a = edge.alias) !== null && _a !== void 0 ? _a : edge.node.name; },
                     },
                 },
@@ -1068,8 +1073,10 @@ async function bypassRequestSelection(cmd, client, flagValue, metadata) {
     var _a, _b;
     try {
         // Query Catalog Item endpoint to identify what the id belongs to (resource or group)
-        for (const id of flagValue) {
-            const [assetId, roleName] = id.split(":");
+        for (const val of flagValue) {
+            const delimiterIndex = val.indexOf(":");
+            const assetId = val.substring(0, delimiterIndex);
+            const roleName = val.substring(delimiterIndex + 1);
             const resp = await client.query({
                 query: CATALOG_ITEM,
                 variables: {
@@ -1096,7 +1103,7 @@ async function bypassRequestSelection(cmd, client, flagValue, metadata) {
                             assets: {},
                         };
                     }
-                    const assetEntry = metadata.requestMap[appId].assets[id];
+                    const assetEntry = metadata.requestMap[appId].assets[assetId];
                     if (!assetEntry) {
                         metadata.requestMap[appId].assets[assetId] = {
                             assetId: assetId,

package/lib/utils/displays.d.ts

@@ -1,7 +1,7 @@
 import type { ApolloQueryResult } from "@apollo/client";
 import type { Command } from "@oclif/core/lib/command";
 import type { GetRequestQuery, GetRequestsQuery } from "../graphql/graphql";
-import type { RequestMap, RequestMetadata } from "../lib/requests";
+import { type RequestMap, type RequestMetadata } from "../lib/requests";
 export declare function headerMessage(cmd: Command): void;
 export declare function treeifyRequestMap(cmd: Command, requestMap: RequestMap): void;
 export declare function displayFinalRequestSummary(cmd: Command, metadata: RequestMetadata): void;

package/lib/utils/displays.js

@@ -7,6 +7,7 @@ exports.getStyledStatus = getStyledStatus;
 exports.displayRequestDetails = displayRequestDetails;
 exports.displayRequestListTable = displayRequestListTable;
 const chalk_1 = require("chalk");
+const requests_1 = require("../lib/requests");
 const Table = require("cli-table3");
 const treeify = require("object-treeify").default;
 function headerMessage(cmd) {
@@ -30,7 +31,7 @@ function treeifyRequestMap(cmd, requestMap) {
         for (const [_assetId, assetNode] of Object.entries(appNode.assets)) {
             // If okta/azure asset with no role, change asset name
             const assetName = assetNode.assetName || "No Role (Direct access)";
-            const assetKey = `${assetName} ${chalk_1.default.dim(`[${assetNode.type}]`)}`;
+            const assetKey = `${assetName} ${chalk_1.default.dim(`[${requests_1.DISPLAY_LABELS[assetNode.type]}]`)}`;
             if (assetNode.roles !== undefined) {
                 assetsTree[assetKey] = {};
                 for (const [_roleId, roleNode] of Object.entries(assetNode.roles)) {

package/oclif.manifest.json

@@ -316,6 +316,34 @@
         "set-url.js"
       ]
     },
+    "whoami": {
+      "aliases": [],
+      "args": {},
+      "description": "Describes current url set, organization name, and logged in user if applicabled.",
+      "flags": {
+        "help": {
+          "char": "h",
+          "description": "Show CLI help.",
+          "name": "help",
+          "allowNo": false,
+          "type": "boolean"
+        }
+      },
+      "hasDynamicHelp": false,
+      "hiddenAliases": [],
+      "id": "whoami",
+      "pluginAlias": "opal-security",
+      "pluginName": "opal-security",
+      "pluginType": "core",
+      "strict": true,
+      "enableJsonFlag": false,
+      "isESM": false,
+      "relativePath": [
+        "lib",
+        "commands",
+        "whoami.js"
+      ]
+    },
     "aws:identity": {
       "aliases": [],
       "args": {},
@@ -606,10 +634,10 @@
           "allowNo": false,
           "type": "boolean"
         },
-        "id": {
-          "char": "i",
-          "description": "The id of the asset (resource, group) to request access to. Append a role ID using a colon if needed, e.g. `--id 123:456`.        \n If not provided, an interactive selection flow will be available to select assets to request.",
-          "name": "id",
+        "assets": {
+          "char": "a",
+          "description": "The ids of the assets (resource, group) to request access to. Append a role ID using a colon if needed, e.g. `--assets 123:456`.        \n If not provided, an interactive selection flow will be available to select assets to request.",
+          "name": "assets",
           "hasDynamicHelp": false,
           "multiple": true,
           "type": "option"
@@ -1003,5 +1031,5 @@
       ]
     }
   },
-  "version": "3.1.1-beta.8ec7545"
+  "version": "3.1.1-beta.96a5722"
 }

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "opal-security",
   "description": "Opal allows you to centrally manage access to all of your sensitive systems.",
-  "version": "3.1.1-beta.8ec7545",
+  "version": "3.1.1-beta.96a5722",
   "author": "Stephen Cobbe",
   "bin": {
     "opal": "./bin/run"