feat: retrieve roles by issuer ICS-86

docs/api/classes/GnosisIam.GnosisIam-1.md

@@ -49,6 +49,7 @@ The domain ownership functionality has been redefined accordingly.
 - [deleteClaim](GnosisIam.GnosisIam-1.md#deleteclaim)
 - [deleteOrganization](GnosisIam.GnosisIam-1.md#deleteorganization)
 - [deleteRole](GnosisIam.GnosisIam-1.md#deleterole)
+- [getAllowedRolesByIssuer](GnosisIam.GnosisIam-1.md#getallowedrolesbyissuer)
 - [getAppsByOrgNamespace](GnosisIam.GnosisIam-1.md#getappsbyorgnamespace)
 - [getAssetById](GnosisIam.GnosisIam-1.md#getassetbyid)
 - [getAssetHistory](GnosisIam.GnosisIam-1.md#getassethistory)
@@ -700,6 +701,33 @@ deleteRole
 
 ___
 
+### getAllowedRolesByIssuer
+
+▸ **getAllowedRolesByIssuer**(`__namedParameters`): `Promise`<`string`[]\>
+
+getAllowedRolesByIssuer
+
+**`description`** get all roles that a DID can issue, given its role credentials and all role definitions
+
+#### Parameters
+
+| Name | Type | Description |
+| :------ | :------ | :------ |
+| `__namedParameters` | `Object` | - |
+| `__namedParameters.did` | `string` | DID of issuer |
+
+#### Returns
+
+`Promise`<`string`[]\>
+
+array of roles that the DID can issue
+
+#### Inherited from
+
+[IAM](iam.IAM.md).[getAllowedRolesByIssuer](iam.IAM.md#getallowedrolesbyissuer)
+
+___
+
 ### getAppsByOrgNamespace
 
 ▸ **getAppsByOrgNamespace**(`__namedParameters`): `Promise`<[`IApp`](../interfaces/cacheServerClient_cacheServerClient_types.IApp.md)[]\>

docs/api/classes/cacheServerClient_cacheServerClient.CacheServerClient.md

@@ -21,6 +21,7 @@
 - [addDIDToWatchList](cacheServerClient_cacheServerClient.CacheServerClient.md#adddidtowatchlist)
 - [addFailedRequest](cacheServerClient_cacheServerClient.CacheServerClient.md#addfailedrequest)
 - [deleteClaim](cacheServerClient_cacheServerClient.CacheServerClient.md#deleteclaim)
+- [getAllowedRolesByIssuer](cacheServerClient_cacheServerClient.CacheServerClient.md#getallowedrolesbyissuer)
 - [getAppDefinition](cacheServerClient_cacheServerClient.CacheServerClient.md#getappdefinition)
 - [getApplicationRoles](cacheServerClient_cacheServerClient.CacheServerClient.md#getapplicationroles)
 - [getApplicationsByOrganization](cacheServerClient_cacheServerClient.CacheServerClient.md#getapplicationsbyorganization)
@@ -135,6 +136,26 @@ ___
 
 ___
 
+### getAllowedRolesByIssuer
+
+▸ **getAllowedRolesByIssuer**(`__namedParameters`): `Promise`<`string`[]\>
+
+#### Parameters
+
+| Name | Type |
+| :------ | :------ |
+| `__namedParameters` | `Pick`<[`ClaimsQueryParams`](../modules/cacheServerClient_cacheServerClient_types.md#claimsqueryparams), ``"did"``\> |
+
+#### Returns
+
+`Promise`<`string`[]\>
+
+#### Implementation of
+
+[ICacheServerClient](../interfaces/cacheServerClient_ICacheServerClient.ICacheServerClient.md).[getAllowedRolesByIssuer](../interfaces/cacheServerClient_ICacheServerClient.ICacheServerClient.md#getallowedrolesbyissuer)
+
+___
+
 ### getAppDefinition
 
 ▸ **getAppDefinition**(`__namedParameters`): `Promise`<`IAppDefinition`\>

docs/api/classes/iam.IAM.md

@@ -47,6 +47,7 @@ Decentralized Identity and Access Management (IAM) Type
 - [deleteClaim](iam.IAM.md#deleteclaim)
 - [deleteOrganization](iam.IAM.md#deleteorganization)
 - [deleteRole](iam.IAM.md#deleterole)
+- [getAllowedRolesByIssuer](iam.IAM.md#getallowedrolesbyissuer)
 - [getAppsByOrgNamespace](iam.IAM.md#getappsbyorgnamespace)
 - [getAssetById](iam.IAM.md#getassetbyid)
 - [getAssetHistory](iam.IAM.md#getassethistory)
@@ -607,6 +608,29 @@ deleteRole
 
 ___
 
+### getAllowedRolesByIssuer
+
+▸ **getAllowedRolesByIssuer**(`__namedParameters`): `Promise`<`string`[]\>
+
+getAllowedRolesByIssuer
+
+**`description`** get all roles that a DID can issue, given its role credentials and all role definitions
+
+#### Parameters
+
+| Name | Type | Description |
+| :------ | :------ | :------ |
+| `__namedParameters` | `Object` | - |
+| `__namedParameters.did` | `string` | DID of issuer |
+
+#### Returns
+
+`Promise`<`string`[]\>
+
+array of roles that the DID can issue
+
+___
+
 ### getAppsByOrgNamespace
 
 ▸ **getAppsByOrgNamespace**(`__namedParameters`): `Promise`<[`IApp`](../interfaces/cacheServerClient_cacheServerClient_types.IApp.md)[]\>

docs/api/interfaces/cacheServerClient_ICacheServerClient.ICacheServerClient.md

@@ -16,6 +16,7 @@
 
 - [addDIDToWatchList](cacheServerClient_ICacheServerClient.ICacheServerClient.md#adddidtowatchlist)
 - [deleteClaim](cacheServerClient_ICacheServerClient.ICacheServerClient.md#deleteclaim)
+- [getAllowedRolesByIssuer](cacheServerClient_ICacheServerClient.ICacheServerClient.md#getallowedrolesbyissuer)
 - [getAppDefinition](cacheServerClient_ICacheServerClient.ICacheServerClient.md#getappdefinition)
 - [getApplicationRoles](cacheServerClient_ICacheServerClient.ICacheServerClient.md#getapplicationroles)
 - [getApplicationsByOrganization](cacheServerClient_ICacheServerClient.ICacheServerClient.md#getapplicationsbyorganization)
@@ -87,6 +88,22 @@ ___
 
 ___
 
+### getAllowedRolesByIssuer
+
+▸ **getAllowedRolesByIssuer**(`__namedParameters`): `Promise`<`string`[]\>
+
+#### Parameters
+
+| Name | Type |
+| :------ | :------ |
+| `__namedParameters` | `Pick`<[`ClaimsQueryParams`](../modules/cacheServerClient_cacheServerClient_types.md#claimsqueryparams), ``"did"``\> |
+
+#### Returns
+
+`Promise`<`string`[]\>
+
+___
+
 ### getAppDefinition
 
 ▸ **getAppDefinition**(`__namedParameters`): `Promise`<`IAppDefinition`\>

src/cacheServerClient/ICacheServerClient.ts

@@ -61,6 +61,7 @@ export interface ICacheServerClient {
     rejectClaim: ({ message, did }: RejectClaim) => Promise<void>;
     deleteClaim: ({ claimId }: Pick<ClaimsQueryParams, "claimId">) => Promise<void>;
     getDIDsForRole: ({ namespace }: Pick<ClaimsQueryParams, "namespace">) => Promise<string[]>;
+    getAllowedRolesByIssuer: ({ did }: Pick<ClaimsQueryParams, "did">) => Promise<string[]>;
     getDidDocument: ({ did, includeClaims }: Pick<ClaimsQueryParams, "did" | "includeClaims">) => Promise<IDIDDocument>;
     addDIDToWatchList: ({ did }: Pick<ClaimsQueryParams, "did">) => Promise<void>;
     getOwnedAssets: ({ did }: Pick<ClaimsQueryParams, "did">) => Promise<Asset[]>;

src/cacheServerClient/cacheServerClient.ts

@@ -296,6 +296,11 @@ export class CacheServerClient implements ICacheServerClient {
         return data;
     }
 
+    async getAllowedRolesByIssuer({ did }: Pick<ClaimsQueryParams, "did">) {
+        const { data } = await this.httpClient.get<string[]>(`/claim/issuer/roles/allowed/${did}`);
+        return data;
+    }
+
     async getDidDocument({ did, includeClaims }: Pick<ClaimsQueryParams, "did" | "includeClaims">) {
         const { data } = await this.httpClient.get<IDIDDocument>(`/DID/${did}?includeClaims=${includeClaims || false}`);
         return data;

src/iam.ts

@@ -1280,6 +1280,20 @@ export class IAM extends IAMBase {
         return this._cacheClient.getDIDsForRole({ namespace });
     }
 
+    /**
+     * getAllowedRolesByIssuer
+     *
+     * @description get all roles that a DID can issue, given its role credentials and all role definitions
+     * @param did DID of issuer
+     * @returns array of roles that the DID can issue
+     */
+    getAllowedRolesByIssuer({ did }: { did: string }) {
+        if (!this._cacheClient) {
+            throw new CacheClientNotProvidedError();
+        }
+        return this._cacheClient.getAllowedRolesByIssuer({ did });
+    }
+
     /**
      * getSubdomains
      *