Table of Contents |
---|
Purpose
...
- Get all party_id(s) and their tax_id (tax_id or passport_number)
- Find all user_id(s) by party_id(s) (prm.party_users) - new UI/service for NHS admin (Get Users by party_id list)
- Knowing user_id (mithril.users) Mithril admin must block all those users (is_blocked=true) -
- NHS admin add tax_id to black list.
in order to do that table prm.black_list_users with fields must be created:
- id
- tax_id
- is_active
- inserted_at
- inserted_by
- updated_at
- updated_by - When creating new employee_request there is must be additional verification.
- If party.tax_id=black_list_users.tax_id and is_active=true show 422 error (New employee with this tax_id can't be created).
- Expire all current tokens for all user_id(s) by party_id(s) (mithril.tokens):
- expires_at= now()
- To delete user from black_list set is_active=false
...
Create new Black list user
Destination | Source | Description |
---|---|---|
id | Autogenerated | |
tax_id | Request: $.tax_id | |
is_active | Const: true | |
inserted_at | Timestamp: now() | Get current date-time |
inserted_by | Token: user_id | Extract user from token |
updated_at | Timestamp: now() | Get current date-time |
updated_by | Token: user_id | Extract user from token |
Deactivate black list user
This WS is design to update flags "is_active" for Black list users.
Authorize
- Verify the validity of access token
- In case error - generate 401 response
- Check user scope (scope = 'bl_user:deactivate') in order to perform this action
- In case error - generate 403 response
Validate PK Black list User
Check exist `Black_list_user` by $.id.
if invalid - return 404 error (message: "User in black list with id={$.id} doesn't exist.")
Validate status
- Validate `is_active` == TRUE
- if invalid - return 409 error (message: "User is not in a black list")
Deactivate black list user
Update black list user record by $.id set values:
Destination | Source |
---|---|
is_active | FALSE |
updated_at | :timestamp |
updated_by | user_id |
Get black list user List
This WS is designed to return Black list users list.
Query parameters (filters)
- id (exact match, optional)
- tax_id (exact match, optional)
- is_active (exact match, optional)
Authorize user
- Verify the validity of access token
- In case error - generate 401 response
- Check user scopes in order to perform this action (scope = 'bl_user:read')
- In case error - generate 403 response
Query data
- Get all records from prm.black_list_users filtered by query params and enriched by name and birth_date (from prm.parties by tax_id):
Fields | Description |
---|---|
id | |
tax_id | |
party_id | |
last_name | |
first_name | |
second_name | |
birth_date | |
is_active |