Versions Compared

Old Version 1

changes.mady.by.user Bogdana Konovalenko (Unlicensed)

Saved on

compared with

New Version 2

changes.mady.by.user Bogdana Konovalenko (Unlicensed)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

...

This web service is designed to obtain full information about contract by

Overview

  • only nhs employee with scopes contract:read can see details of contract

...

Validation

Validate token

  • Verify the validity of access token
    • Return 401 in case validation fails
  • token is not expired
    • in case error return 401 

Validate scopes

  • Check user scopes in order to perform this action (scope = 'contract:read')
    1. Return 403 in case invalid scope(s)

...

  • if TOKENS_TYPES_PERSONAL
    • Check client_id = contracts.contractor_legal_entity_id
      • in case error return 403 "You are not allowed to view this contract"

...

  • Validate contract id. Check contract.id = $.id
    • in case error return 404 ("Contract with id=$id doesn't exist")

Responses

In response show ops.contracts.id+ops.employee_divisions.id and end_date is null