Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

...

This web service is designed to add/update contract request assignee by nhs employee. Employee can add himself as an assigner or any other employee. Contract Request must be in status 'NEW'.

Specification


Request

  • employeeassignee_id

Validation

Validate token

  • Verify the validity of access token
    • Return 401 in case validation fails
  • Check if token is not expired
    • in case error return 401 - "Token is expired"

...

  • Check if user is active
    • in case error return 403 - (user is not active)
  • check nhs_legal_entity is active
    • in case error return 403 - (Client is not active)
  • Check user role = "NHS ADMIN SIGNER"
    • in case error return 403 "User is not allowed to perform this action"

Validate scopes

  • Check user scopes in order to perform this action (scope = 'contract_requests:update')
    • Return 403 in case invalid scope(s) "Your scope does not allow to access this resource. Missing allowances: contract_requests:update"

Validate contract request status

  • Check contract_request.status =NEWin('NEW', 'IN_PROCESS')
    • in case error return 422 - "Incorrect status of contract_request to modify it"

...

fieldvalue
statusIN_PROCESS
updated_atnow()
updated_by$.user_id
assignee_id$.employee_id


Add status to event manager

...