...
- assignee_id
Validation
Validate token
- Verify the validity of access token
  - Return 401 in case validation fails
- Check if token is not expired
  - in case of error return 401 - "Token is expired"
...
- Check if user is active
  - in case of error return 403 - (user is not active)
- Check nhs_legal_entity is active
  - in case of error return 403 - (Client is not active)
- Check user role = "NHS ADMIN SIGNER"
  - in case of error return 403 "User is not allowed to perform this action"
Validate scopes
- Check user scopes in order to perform this action (scope = 'contract_request:update')
  - Return 403 in case invalid scope(s) "Your scope does not allow to access this resource. Missing allowances: contract_requests:update"
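The token, user and scope checks above run in a fixed order, so an expired token always yields 401 even when later 403 conditions would also fail. The sketch below is an added example, not code from the project this page describes; the `Token` shape, `ApiError`, `authorize`, `check` and the "Invalid access token" message are assumptions, and steps elided on the page are left out.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

REQUIRED_ROLE = "NHS ADMIN SIGNER"

class ApiError(Exception):
    def __init__(self, status, message):
        super().__init__(message)
        self.status, self.message = status, message

@dataclass
class Token:  # hypothetical shape of an already-decoded access token
    valid: bool
    expires_at: datetime
    scopes: frozenset
    user_active: bool = True
    client_active: bool = True
    role: str = REQUIRED_ROLE

def authorize(token, required_scopes, now):
    """Run the checks in page order; raise ApiError on the first failure."""
    if token is None or not token.valid:
        raise ApiError(401, "Invalid access token")  # message text is assumed
    if token.expires_at <= now:
        raise ApiError(401, "Token is expired")
    # Steps elided on the page ("...") are not reproduced here.
    if not token.user_active:
        raise ApiError(403, "user is not active")
    if not token.client_active:
        raise ApiError(403, "Client is not active")
    if token.role != REQUIRED_ROLE:
        raise ApiError(403, "User is not allowed to perform this action")
    missing = sorted(set(required_scopes) - set(token.scopes))
    if missing:
        raise ApiError(403, "Your scope does not allow to access this resource. "
                            "Missing allowances: " + ", ".join(missing))

def check(token, required_scopes, now):
    """Return (status, message); 200 only marks 'all checks passed' here."""
    try:
        authorize(token, required_scopes, now)
        return 200, "ok"
    except ApiError as err:
        return err.status, err.message

if __name__ == "__main__":
    now = datetime(2024, 1, 1, tzinfo=timezone.utc)  # constructed sample data
    stale = Token(True, now - timedelta(hours=1), frozenset(), user_active=False)
    print(check(stale, {"contract_request:update"}, now))  # expired wins: 401
```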
Validate contract request id and status
...
- Fetch prm.employees by $employee_id. Validate
  - employees.legal_entity_id=$client_id
    - in case of error return 422 error ('Invalid legal entity id')
  - employees.status=APPROVED
    - in case of error return 409 error ('Invalid employee status')
  - check that employee.party → party_users → users_roles → roles contains a role with name = 'NHS ADMIN SIGNER'
    - in case of error return 422 403 error ('Employee doesn't have required role')
  - employees.legal_entity_id=$client_id
...
field | value |
---|---|
status | IN_PROCESS |
updated_at | now() |
updated_by | $.user_id |
assignee_id | $.employee_id |
Add status to event manager
...