
...

The request is processed using a token passed in the headers

Headers

For example:

Content-Type:application/json
Authorization:Bearer {{access_token}}
API-key:{{mis_client_secret}}

...

  • Extract user_id from token.

  • Check that the user has an active and approved employee in the legal entity (from the token) for which one of the following conditions is TRUE:

    • has an active Approval granted by the Patient to write or read the Care plan resource (care plan id from URL)

      • Return 403 ('Access denied') in case the employee has no Approval to read or write

    • has an active declaration with the patient

      • Return 403 ('Access denied') in case there is no active declaration with the patient and none of the other conditions is true

    • user belongs to the legal entity where the care_plans were created

      • Return 403 ('Access denied') in case the employee belongs to another legal_entity and none of the conditions above is true
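
The authorization rules above as a deny-by-default check. This is an added example, not the service's own code. The record field names, the "APPROVED" status value, the "read"/"write" access levels and the legal_entity_id claim name are assumptions, and the token is assumed to be already validated.

```python
from dataclasses import dataclass

ACCESS_DENIED = (403, "Access denied")
OK = (200, "OK")

@dataclass(frozen=True)
class Employee:  # field names are assumptions, not the service schema
    id: str
    user_id: str
    legal_entity_id: str
    is_active: bool
    status: str  # "APPROVED" is an assumed status value

@dataclass(frozen=True)
class Approval:
    employee_id: str
    patient_id: str
    care_plan_id: str
    access_level: str  # assumed values: "read" or "write"
    is_active: bool

@dataclass(frozen=True)
class Declaration:
    employee_id: str
    patient_id: str
    is_active: bool

def authorize_care_plan_read(claims, care_plan, employees, approvals, declarations):
    """Return (status, message) for a read of care_plan by the token holder."""
    user_id, legal_entity_id = claims["user_id"], claims["legal_entity_id"]
    # Only active, approved employees of the token's legal entity count.
    staff = {e.id for e in employees
             if e.user_id == user_id and e.legal_entity_id == legal_entity_id
             and e.is_active and e.status == "APPROVED"}
    if not staff:
        return ACCESS_DENIED
    patient_id = care_plan["patient_id"]
    # Condition 1: active Approval on this exact care plan (id from the URL).
    has_approval = any(a.is_active and a.employee_id in staff
                       and a.patient_id == patient_id
                       and a.care_plan_id == care_plan["id"]
                       and a.access_level in ("read", "write")
                       for a in approvals)
    # Condition 2: active declaration between the employee and the patient.
    has_declaration = any(d.is_active and d.employee_id in staff
                          and d.patient_id == patient_id for d in declarations)
    # Condition 3: care plan was created in the token's legal entity.
    same_entity = care_plan["legal_entity_id"] == legal_entity_id
    # Deny by default: 403 unless at least one condition holds.
    return OK if (has_approval or has_declaration or same_entity) else ACCESS_DENIED
```

The approval is matched on the care plan id as well as the patient, so an Approval granted for one care plan does not open another plan of the same patient.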

Processing

Service logic

Service returns specified Care plan related to the patient, but without Care plan’s activities:

...