...

This WS is designed to update list of employees and related divisions which belongs to contract. Update must be done trough through signed content and for batch of employees.

...

1. 1. Verify the validity of access token
      1. in case of error return 401 ('Access denied')
   2. Check user scope contract:write in order to perform this action
      1. in case of error generate 401 response ('Invalid scopes')

Check employee

Update contract_employees can be done by owner with necessary scopes in equal legal_entity_id and same id as was perviously input in contract.

1. Extract legal_entity_id (client_id) from token. Take contract_id.
2. Check client_id=contractor.legal_entity_id (contractor_side) - in case of error return 403 Error ('Invalid client id')
   1. Extract token →  users.id → party_users.party_id → employee_id.
      1. Check employees.employee_id=contractor_owner_id and client_id=employee.legal_entity_id
      2. In case of error return 422 Error ('Employee is not allowed to sign')

...

Decode content that is encrypted in an electronic digital signature.
Use Digital signature WS. Method checks digital signature and returns result.

Validate DRFO

1. Check that DRFO in Certificate details exists and not empty
   1. in case of error return 422 error ('Invalid DRFO in DS')
2. Check that DRFO in Certificate details is equal to DRFO in Party
   1. Get party.tax_id using user_id from token (user.id→ party_users.party_id → parties.id.tax_id)
   2. Compare DRFO in Certificate with party.tax_id
      1. Convert DRFO and TAX_ID to uppercase
      2. Compare DRFO and TAX_ID as Cyrillic letters
      3. Convert DRFO to Cyrillic and compare as Cyrillic letters
   3. In case validation fails - generate 422 error

...

1. From user_roles and roles check that  user has roles = 'OWNER'
   1. in case of error return 403 Error ('User is not allowed to this action by role')
2. Validate client_id (the owner belong to legal entity)
   1. in case of error return 403 Error ('User is not allowed to this action by client_id')

Validate request

1. Check contract_id exists. In case of error return 404 Error ('Contract with this ID doesn't exist')
2. Check contract with  $contract_id has status 'VERIFIED'. In case of error return 422 Error ('Not active contract can't be updated')
3. Validate contractor_employee_divisions
   1. Employees from employee_divisions has employee_type='DOCTOR', status='APPROVED', division is not null
      1. in case of error return 422  error view $employee ('Employee must be active DOCTOR with linked division')
   2. By contract_id find contractor_legal_entity_id. Check divisions belongs to legal_entity and divisions.status='active'. 
      1. in case of error return 422  error view $divisions ('Division must be active and within current legal_entity')
   3. Check employee belongs to division
      1.  in case of error return 422  error view $employee  ('Employee must be within current division')

Search current contract_employees by contract id

1. Fetch all ops.contract_employees.id by $contract_id and end_date=null. For all such rows set end_date=now()::date
2. Insert into ops.contract_employees new batch of employees which were received in request.
   1. set start_date=now()::date+1
   2. end_date=null