Versions Compared

Old Version 22

changes.mady.by.user Vyacheslav Syrskyy

Saved on

compared with

New Version 23

changes.mady.by.user Vyacheslav Syrskyy

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Table of Contents

Overview

...

Apiary

Validation

Validate token

  • Verify the validity of access token

    • Return 401 in case validation fails

  • Verify token is not expired

    • in case of error return 401 

    Verify

  • check value of ALLOW_OTHER_LE_EMPLOYEES_TO_MANAGE_EPISODE variable in charts configuration

    • if its value is equal to false, verify that user’s employees from care_manager belongs to one of the user_id from token

    .

      • in case of error - return 422 ('User is not allowed to perform this action')

    • otherwise, verify that user’s employees from care_manager belongs to the same Legal Entity as author of the episode

      • in case of error - return 422 ('User is not allowed to perfom this action')

Validate scopes

  • Check user scopes in order to perform this action (scope = 'episode:write')

    1. Return 403 in case invalid scope(s)

...