...
This WS allows to get detailed episode info from Admin panel.
Specification*
Link | Посилання на Apiary або SwaggerSee GraphQl Specification |
Resource | Посилання на ресурс, наприклад: /api/persons/createSee GraphQl Specification |
Scope | Scope для доступуepisode:practical_monitor |
Components | Зазначається перелік бізнес компонентів, які використовують цей метод, наприклад: ePrescriptionAPI paragraph not found |
Microservices | Перелік мікросервісів, які використовує метод API, наприклад: Auth, ABACAPI paragraph not found |
Protocol type | Тип протоколу, який використовується запитом, наприклад: SOAP | RESTAPI paragraph not found |
Request type | Тип запиту API, наприклад: GET, POST, PATCH…API paragraph not found |
Sync/Async | Метод є синхронним чи асинхронним?API paragraph not found |
Public/Private/Internal | Потрібно зазначити тип методу за ступенем доступності |
Logic*
Get episode by id and patient_id
Render detailed episode data according to schema
...
Verify the validity of access token
in case of error - return 401 (“Invalid access token”) in case of validation fails
Verify that token is not expired
in case of error - return 401 (“Invalid access token”)
Check user scopes in order to perform this action (scope = 'episode:practical_monitor')
return 403 (“Your scope does not allow to access this resource. Missing allowances: episode:practical_monitor”) in case of invalid scope(s)
Check user has access to resource according to@rule_-2in ABAC
return 403 (“Access denied. Justification required“) in case of error
...
Extract client_id from token.
Check client scopes in order to perform this action (scope = 'episode:practical_monitor')
in case of error - return 403 (“Your scope does not allow to access this resource. Missing allowances: episode:monitor”)
Check legal entity status (status = ACTIVE)
In case of error - return 409 ('client_id refers to legal entity that is not active')
...