Versions Compared

Version Old Version 1 New Version Current
Changes made by

Anna Popelysheva (SoE eHealth)

Anna Popelysheva (SoE eHealth)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Table of Contents

Purpose

This WS is designed to allow NHS employees with appropriate scopes to deactivate Employee records with two options - defining death date and without.

Key points

  1. This is a graphQl query method used in Administration panel only.

  2. Only authenticated and authorized employee with appropriate scope can create employee request.

Specification

Expand
Code Block
 "Deactivates a single `Employee` using its globally unique ID."
  deactivateEmployee(input: DeactivateEmployeeInput!): DeactivateEmployeePayload
Code Block
"""
Input for `deactivateEmployee` mutation.

User must have scope `employee:deactivate`
"""
input DeactivateEmployeeInput {
  "Globally unique ID of the `Employee` which should be deactivated."
  id: ID!
}

"""
Return type for `deactivateEmployee` mutation.
"""
type DeactivateEmployeePayload {
  "Payload for Employee"
  employee: Employee
}

Authorization

  • Verify the validity of access token

    • in case of error - return 401 (“Invalid access token”) in case of validation fails

  • Verify that token is not expired

    • in case of error - return 401 (“Invalid access token”)

  • Check user scopes in order to perform this action (scope = 'employee:deactivate')

    • return 403 (“Your scope does not allow to access this resource. Missing allowances: 'employee:deactivate') in case of invalid scope(s)

Validate legal entity

employee_belongs to related legal entity

Service logic

Set fields in employees table (prm database)

...