...
Extract user_id from token. Check that requester belongs to one of the user’s employee.
in case of error - return 422 ('User is not allowed to create device request dispense for the requesterperformer')
Check performer is an active and approved employee.
in case of error - return 422 ('Employee is not active ')
Check performer relates to the legal entity (client_id from token).
in case of error - return 422 ('Employee does not belong to legal entity from token')
...
Check that device request exists
in case of error - return 422 ('Device request not found')
Check that intent specified in Device request is
orderin case of error - return 409 error ('Only device request with intent = 'order' can be dispensed')
Сheck that Device request is in status 'ACTIVE'
in case of error - return 409 error ('Device request is not active')
Check that dispense_valid_to is greater or equal to current date
in case of error - return 409 ('Device request is expired for dispense')
Validate program
Check that program in dispense is the same as program in device request (request.program.identifier.value = device_requests.program.identifier.value)
in case of error - return 409 ('Program in dispense doesn't match the one in device request')
...