| Table of Contents |
|---|
...
Request
Validation
Validate token
- Verify the validity of access token
- Return 401 in case validation fails
- token is not expired
- in case error return 401 - "Token is expired"
...
- Check if user is active
- in case error return 403 - (user is not active)
- check nhs_legal_entity is active
- in case error return 403 - (Client is not active)
- Check user role = ??"NHS ADMIN SIGNER"
- in case error return 403 "User is not allowed to perform this action"
Validate scopes
- Check user scopes in order to perform this action (scope = 'contract_requests:update')
- Return 403 in case invalid scope(s) "Your scope does not allow to access this resource. Missing allowances: contract_requests:update"
Validate contract request status
- Check contract_request.status=NEW
- in case error return 422 - "Incorrect status of contract_request to modify it"
...
If status is changed to APPROVED - generate human readable contract request number
- Use algorithm to generate contract request number
- contract request number structure XXXX-1234-5678-9012-345-C , where:
- XXXX - series: numbers + only some letters (A, E, H, K, M, P, T, X)
- 1234-5678-9012-345 - randomly generated numbers and letters A, E, H, K, M, P, T, X.
- C - checksum: Should be calculated using the Damn algorithm or Verhoeff algorithm
Validate uniqueness of human readable contract request number
- generate contract_request_number
- Search contract request number in contract_requests.contract_number
- if exists = go to 'generate contract request number'
- else save contract_request_number to contract_request
Generate Printout form
If status is changed to APPROVED - generate printout form
Invoke MAN to render printuot form.
Request mapping:
Parameter | Source |
|---|---|
| id | CONTRACT_REQUEST |
...