Versions Compared

Version Old Version 2 New Version 3
Changes made by

sveta vedmed

sveta vedmed

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

Purpose

This service is designed to obtain list of contract_requests by NHS employee.

...

  1. only nhs employee with scope "contract_requests:read" can get list of contract_requests
  2. list of contract_request could be filterednhs employee can change only some fields in contract - issue_city, nhs_base, price

Specification

  • Apiary
  • json schema
  • websequensediagram

...

List of contract requests could be filtered by

  • idid 
  • legal_entity_id
  • contractor_id 
  • status
  • contract_number

Validation

Validate token

  • token is activeVerify the validity of access token
    • Return 401 in case validation fails
  • token is not expired

validate scopes

  • scope = contract
    • in case error return 401 

Validate scopes

  • Check user scopes in order to perform this action (scope = 'contract_requests:read')
    1. Return 403 in case invalid scope(s)

validate nhs employee

...

extract user_id from token

extract client_id from token

  • Check if user is active
    • in case error return 403 - (user is not active)
  • check nhs_legal_entity is active
    • in case error return 403 - (Client is not active)

Response

list of contract_request