1  import axios from 'axios'
  2  import { getOauthConfig } from '../../constants/oauth.js'
  3  import { getOAuthHeaders, prepareApiRequest } from '../../utils/teleport/api.js'
  4  
  5  export type AdminRequestType = 'limit_increase' | 'seat_upgrade'
  6  
  7  export type AdminRequestStatus = 'pending' | 'approved' | 'dismissed'
  8  
  9  export type AdminRequestSeatUpgradeDetails = {
 10    message?: string | null
 11    current_seat_tier?: string | null
 12  }
 13  
 14  export type AdminRequestCreateParams =
 15    | {
 16        request_type: 'limit_increase'
 17        details: null
 18      }
 19    | {
 20        request_type: 'seat_upgrade'
 21        details: AdminRequestSeatUpgradeDetails
 22      }
 23  
 24  export type AdminRequest = {
 25    uuid: string
 26    status: AdminRequestStatus
 27    requester_uuid?: string | null
 28    created_at: string
 29  } & (
 30    | {
 31        request_type: 'limit_increase'
 32        details: null
 33      }
 34    | {
 35        request_type: 'seat_upgrade'
 36        details: AdminRequestSeatUpgradeDetails
 37      }
 38  )
 39  
 40  /**
 41   * Create an admin request (limit increase or seat upgrade).
 42   *
 43   * For Team/Enterprise users who don't have billing/admin permissions,
 44   * this creates a request that their admin can act on.
 45   *
 46   * If a pending request of the same type already exists for this user,
 47   * returns the existing request instead of creating a new one.
 48   */
 49  export async function createAdminRequest(
 50    params: AdminRequestCreateParams,
 51  ): Promise<AdminRequest> {
 52    const { accessToken, orgUUID } = await prepareApiRequest()
 53  
 54    const headers = {
 55      ...getOAuthHeaders(accessToken),
 56      'x-organization-uuid': orgUUID,
 57    }
 58  
 59    const url = `${getOauthConfig().BASE_API_URL}/api/oauth/organizations/${orgUUID}/admin_requests`
 60  
 61    const response = await axios.post<AdminRequest>(url, params, { headers })
 62  
 63    return response.data
 64  }
 65  
 66  /**
 67   * Get pending admin request of a specific type for the current user.
 68   *
 69   * Returns the pending request if one exists, otherwise null.
 70   */
 71  export async function getMyAdminRequests(
 72    requestType: AdminRequestType,
 73    statuses: AdminRequestStatus[],
 74  ): Promise<AdminRequest[] | null> {
 75    const { accessToken, orgUUID } = await prepareApiRequest()
 76  
 77    const headers = {
 78      ...getOAuthHeaders(accessToken),
 79      'x-organization-uuid': orgUUID,
 80    }
 81  
 82    let url = `${getOauthConfig().BASE_API_URL}/api/oauth/organizations/${orgUUID}/admin_requests/me?request_type=${requestType}`
 83    for (const status of statuses) {
 84      url += `&statuses=${status}`
 85    }
 86  
 87    const response = await axios.get<AdminRequest[] | null>(url, {
 88      headers,
 89    })
 90  
 91    return response.data
 92  }
 93  
 94  type AdminRequestEligibilityResponse = {
 95    request_type: AdminRequestType
 96    is_allowed: boolean
 97  }
 98  
 99  /**
100   * Check if a specific admin request type is allowed for this org.
101   */
102  export async function checkAdminRequestEligibility(
103    requestType: AdminRequestType,
104  ): Promise<AdminRequestEligibilityResponse | null> {
105    const { accessToken, orgUUID } = await prepareApiRequest()
106  
107    const headers = {
108      ...getOAuthHeaders(accessToken),
109      'x-organization-uuid': orgUUID,
110    }
111  
112    const url = `${getOauthConfig().BASE_API_URL}/api/oauth/organizations/${orgUUID}/admin_requests/eligibility?request_type=${requestType}`
113  
114    const response = await axios.get<AdminRequestEligibilityResponse>(url, {
115      headers,
116    })
117  
118    return response.data
119  }