n/n | Description | Inputs | Expected Result | Step by Step Script | Actual Result | Actual GraphQL Result

RPAMT1

Description: NHS Admin calls reset person authentication method

Inputs:

  • Authorization - NHS Admin
  • scope Valid (person:reset_authentication_method)
  • Person.id - Valid
  • Person.status = ACTIVE - Valid
  • Person.authentication_methods[0].type = OTP - Valid

Expected Result: Response 200

Saved in DB `mpi.persons.authentication_methods` value = `[ { "type": "NA" } ]`

Step by Step Script:

  1. Login as NHS admin
  2. Call ResetPersonAuthenticationMethod()

Actual Result / Actual GraphQL Result: 200

RPAMT2

Description: Doctor call WS direct

Inputs:

  • Authorization - Doctor
  • scope missing (person:reset_authentication_method)
  • Person.id - Valid
  • Person.status = ACTIVE - Valid

Expected Result: Response 403

Step by Step Script:

  1. Login as Doctor
  2. Call ResetPersonAuthenticationMethod()

Actual Result / Actual GraphQL Result: 401

RPAMT3

Description: NHS Admin calls reset person authentication method with bad person_id

Inputs:

  • Authorization - NHS Admin
  • scope Valid (person:reset_authentication_method)
  • Person.id - Invalid

Expected Result: Response 404, Not found

Step by Step Script:

  1. Login as NHS admin
  2. Call ResetPersonAuthenticationMethod()

Actual Result / Actual GraphQL Result: 404, Person not found

RPAMT4

Description: NHS Admin calls reset person authentication method with bad status of person

Inputs:

  • Authorization - NHS Admin
  • scope Valid (person:reset_authentication_method)
  • Person.id - Valid
  • Person.status = INACTIVE - Invalid

Expected Result: Response 409, Not found

Step by Step Script:

  1. Login as NHS admin
  2. Call ResetPersonAuthenticationMethod()

Actual Result / Actual GraphQL Result: 404, Person not found

As we show inactive persons it would be better to return FORBIDDEN