Purpose
Specification
Service logic
Only authenticated and authorized users can use this service
Only an ACTIVE employee role can be deactivated
A legal entity can deactivate only its own employee roles
Authentication
Verify the validity of access token
Return 401 in case validation fails
Check scopes in order to perform this action (scope = 'employee_role:write')
Return 403 in case of invalid scope(s)
Validate legal entity
Check that legal entity is active (status = ACTIVE, SUSPENDED)
Extract client_id from token (token.client_id == legal_entity_id)
Check legal entity status (status = ACTIVE, SUSPENDED)
In case of error - return 409 (Legal entity must be ACTIVE or SUSPENDED)
Validate employee role
Check that employee role with such ID exists in the system (is_active = true)
In case of error - return 404
Check that employee role belongs to the same legal entity as the user
In case of error - return 403
Validate transition
Only an ACTIVE employee role can be deactivated
Available transitions
ACTIVE → INACTIVE
In other cases - return 409 error ('{current_status} employee role cannot be DEACTIVATED')
Update object in DB
Parameter | Source | Description |
---|---|---|
end_date | Timestamp: now() | Get current date-time |
status | Const: INACTIVE | |
updated_at | Timestamp: now() | Get current date-time |
updated_by | Token: user_id | |
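
The checks above as a single function, in the order the page lists them (an added example, not the service's own code). The in-memory dictionaries, the already-decoded token with a space-separated `scope` string, the `CLOSED` status in the sample data, the error bodies other than the two messages quoted on the page, and the 200 success code are assumptions.

```python
from datetime import datetime, timezone

REQUIRED_SCOPE = "employee_role:write"
ALLOWED_LE_STATUSES = {"ACTIVE", "SUSPENDED"}

def deactivate_employee_role(token, role_id, legal_entities, employee_roles, now=None):
    """Run the checks in the documented order; return (http_status, body)."""
    # Authentication: None stands for a token that failed validation (assumption).
    if token is None:
        return 401, {"error": "invalid access token"}
    # Scope check; a space-separated scope string is an assumption.
    if REQUIRED_SCOPE not in token.get("scope", "").split():
        return 403, {"error": "invalid scope(s)"}
    # Legal entity: client_id from the token is the legal_entity_id.
    # An unknown legal entity is treated like a wrong status (assumption).
    entity = legal_entities.get(token["client_id"])
    if entity is None or entity["status"] not in ALLOWED_LE_STATUSES:
        return 409, {"error": "Legal entity must be ACTIVE or SUSPENDED"}
    # Employee role must exist with is_active = true.
    role = employee_roles.get(role_id)
    if role is None or not role["is_active"]:
        return 404, {"error": "employee role not found"}
    # Tenant isolation: the role must belong to the caller's legal entity.
    if role["legal_entity_id"] != token["client_id"]:
        return 403, {"error": "employee role belongs to another legal entity"}
    # Transition: only ACTIVE -> INACTIVE.
    if role["status"] != "ACTIVE":
        return 409, {"error": f"{role['status']} employee role cannot be DEACTIVATED"}
    # Update per the parameter table; updated_by comes from the token, never the request.
    now = now or datetime.now(timezone.utc)
    role.update(end_date=now, status="INACTIVE", updated_at=now, updated_by=token["user_id"])
    return 200, role  # 200 on success is an assumption; the page names no success code

def sample_state():
    """Constructed sample data: two legal entities and three employee roles."""
    entities = {"le-1": {"status": "ACTIVE"}, "le-2": {"status": "CLOSED"}}
    roles = {
        "r-1": {"legal_entity_id": "le-1", "status": "ACTIVE", "is_active": True},
        "r-2": {"legal_entity_id": "le-2", "status": "ACTIVE", "is_active": True},
        "r-3": {"legal_entity_id": "le-1", "status": "INACTIVE", "is_active": True},
    }
    return entities, roles

if __name__ == "__main__":
    entities, roles = sample_state()
    token = {"client_id": "le-1", "user_id": "u-1", "scope": "employee_role:write"}
    for rid in ("r-1", "r-1", "r-2", "r-404"):
        print(rid, deactivate_employee_role(token, rid, entities, roles)[0])
```

Because `updated_by` and the owning legal entity are both taken from the validated token, a caller cannot supply either value in the request body.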