This method searches and returns request to registration employees by id. This method uses scopes and context.
According to requirements:
- Legal entity(Owner, HR) can see only employee_requests that were made by this legal entity.
- NHS Admin can see all employee_requests
...
- id (
GET http://ehealth.edenlabllc.com/api/employee_requests/{$.id}
)id
Validate request
- Verify the validity of access token
- in case error return 401
- Check user scopes in order to perform this action (scope = 'employee_request:read')
- in case error return 403
Validate context
- Get legal_entity.id from '$.context'. Filter employee requests by legal_entity.id
- in case error return 404