Versions Compared

Version Old Version 4 New Version 5
Changes made by

sveta vedmed (Unlicensed)

sveta vedmed (Unlicensed)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

...

  • id 
  • legal_entity_id
  • contractor_id 
  • status
  • contract_number
  • page
  • page_size

Validation

Validate token

  • Verify the validity of access token
    • Return 401 in case validation fails
  • token is not expired
    • in case error return 401 

Validate scopes

  • Check user scopes in order to perform this action (scope = 'contract_requests:read')
    1. Return 403 in case invalid scope(s)

...

Validate employee

extract user_id from token

extract client_id from token

  • Check if user is active
    • in case error return 403 -

...

    • "user is not active

...

    • "
  • check nhs_legal_entity is active
    • in case error return 403 -

...

    • "Client is not active

...

    • "
  • Check user role = ??"NHS ADMIN SIGNER"
    • in case error return 403 "User is not allowed to perform this action"

Response

list of contract_request