Table of Contents |
---|
...
- assignee_id
Validation
Validate token
- Verify the validity of access token
- Return 401 in case validation fails
- Check if token is not expired
- in case error return 401 - "Token is expired"
...
- Check if user is active
- in case error return 403 - (user is not active)
- check nhs_legal_entity is active
- in case error return 403 - (Client is not active)
- Check user role = "NHS ADMIN SIGNER"
- in case error return 403 "User is not allowed to perform this action"
Validate scopes
- Check user scopes in order to perform this action (scope = 'contract_requests:update')
- Return 403 in case invalid scope(s) "Your scope does not allow to access this resource. Missing allowances: contract_requests:update"
Validate contract request id and status
- Validate contract request ID exist
- in case of error return 404 - not found
- Check contract_request.status in('NEW', 'IN_PROCESS')
- in case error return 422 - "Incorrect status of contract_request to modify it"
...
field | value |
---|---|
status | IN_PROCESS |
updated_at | now() |
updated_by | $.user_id |
assignee_id | $.employee_id |
Add status to event manager
...