Versions Compared

Old Version 5

changes.mady.by.user Serhii Boldin (SoE eHealth)

Saved on

compared with

New Version 6

changes.mady.by.user Oleksandr Zhuk (SoE eHealth)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Table of Contents

Purpose

This WS allows to create forbidden group from Admin panel. The group will be used as additional restriction on get/search specific medical events.

...

Page Properties
idAPI_Specification

Link

API paragraph not found-

Посилання на Apiary або Swagger

Resource

API paragraph not found/graphql

Посилання на ресурс, наприклад: /api/persons/create

Scope

forbidden_group:write

Scope для доступу

Components

API paragraph not found-

Зазначається перелік бізнес компонентів, які використовують цей метод, наприклад: ePrescription

Microservices

API paragraph not found-

Перелік мікросервісів, які використовує метод API, наприклад: Auth, ABAC

Protocol type

API paragraph not found-

Тип протоколу, який використовується запитом, наприклад: SOAP | REST

Request type

API paragraph not found-

Тип запиту API, наприклад: GET, POST, PATCH…

Sync/Async

API paragraph not found-

Метод є синхронним чи асинхронним?

Public/Private/Internal

Private

Потрібно зазначити тип методу за ступенем доступності

Expand
Code Block
"""
Input for `createForbiddenGroup` mutation.
User must have a scope **forbidden_group:write**
"""
input CreateForbiddenGroupInput {
  "The name of the `ForbiddenGroup`."
  name: String!
  "Reason for creating the `ForbiddenGroup`."
  creationReason: String!
}

"""
Return type for `createForbiddenGroup` mutation.
"""
type CreateForbiddenGroupPayload {
  "Created `ForbiddenGroup`."
  forbiddenGroup: ForbiddenGroup
}

...

  1. Save signed content to media storage

  2. Save data to forbidden_groups table (PRM DB) according to Forbidden group data model

Request structure

API paragraph not found

Authorize

  • Verify the validity of access token

    • in case of error - return 401 (“Invalid access token”) in case of validation fails

  • Verify that token is not expired

    • in case of error - return 401 (“Invalid access token”)

  • Check user scopes in order to perform this action (scope = 'forbidden_group:write')

    • return 403 (“Your scope does not allow to access this resource. Missing allowances: forbidden_group:write”) in case of invalid scope(s)

...

API paragraph not found

Request data validation

Validate legal entity

...

  • Check name and creation_reason is submitted

    • in case of error - return 422 ('required property <name/creation_reason> was not present')

Processing

 API paragraph not found

Response structure

 API paragraph not found

Post-processing processes

 API paragraph not found

HTTP status codes

...