...

Logic

API paragraph not foundThis web service is designed to close an episode of care.

Input parameters

...

Request to process the request using a token in the headers

Headers

Наприклад:

...

...

Authorization:Bearer mF_9.B5f-4.1JqM

Request data validation

Validate token

• Verify the validity of access token

  • Return 401 in case validation fails

• Verify token is not expired

  • in case of error return 401 

• Check user scopes in order to perform this action (scope = 'episode:write')

  • Return 403 in case invalid scope(s)

Headers

Наприклад:

• Content-Type:application/json

• Authorization:Bearer {{access_token}}

• API-key:{{secret}}

Request data validation

Validate token

• check value of ALLOW_OTHER_LE_EMPLOYEES_TO_MANAGE_EPISODE variable in charts configuration

  • if its value is equal to false, verify that user’s employees from care_manager belongs to one of the user_id from token

    • in case of error - return 422 ('User is not allowed to perform this action')

  • otherwise, verify that user’s employees from care_manager belongs to the same Legal Entity as author of the episode

    • in case of error - return 422 ('User is not allowed to perfom this action')

Validate

...

• Check user scopes in order to perform this action (scope = 'episode:write')

  1. Return 403 in case invalid scope(s)

Validate legal entity

1. Validate episode belongs to the legal entity where the current user works

   • ME.episode.managing_organization==token.client_id

     • in case of error return 422 "Managing_organization does not correspond to user`s legal_entity"

...