Versions Compared

Old Version 2

changes.mady.by.user Aleksandr Virny (Unlicensed)

Saved on

compared with

New Version 3

changes.mady.by.user Aleksandr Virny (Unlicensed)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

Purpose

Specification

Apiary

Service logic

  1. Only authenticated and authorized user can use this service
  2. Service returns only employee roles related to the same legal entity as the user

Authentication

  1. Verify the validity of access token
    1. Return 401 in case validation fails
  2. Check scopes in order to perform this action (scope = 'employee_role:read')
    1. Return 403 in case invalid scope(s)

...

  1. Check that employee roel with such ID exists in the system (is_active = true)
    1. In case of error - return 404
  2. Check that employee role with such ID belongs to to the same legal entity as the user
    1. In case of error - return 403

Prepare response

Render response