Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Overview

This WS is designed to return records about procedures by patient_id or/and search_params.

Specification

Authorization

Validate token

  • Verify the validity of access token
    • Return 401 in case validation fails
  • Verify token is not expired
    • in case error return 401 

Validate scopes

  • Check user scopes in order to perform this action (scope = 'procedure:read')
    1. Return 403 in case invalid scope(s)

Access to the resource is also managed by ABAC module.

Validation

  1. validate person_id
    1. validate $person_id is existing ID in mpi.persons.id And person is_active=true and status='active
      1. in case error return 404, "Person not found"

...