...
- Verify the validity of access token
- Return 401 in case validation fails
- Check scopes in order to perform this action (scope = 'employee_role:write')
- Return 403 in case invalid scope(s)
Validate legal entity
Check that legal entity is active (status = ACTIVE, SUSPENDED)
- Extract client_id from token (token.client_id == legal_entity_id)
- Check legal entity status (status = ACTIVE, SUSPENDED)
Validate employee role
- Check that employee role with such ID exists in the system (is_active = true)
- In case of error - return 404
- Check that employee role belongs to the same legal entity as the user
- In case of error - return 403
...
Parameter | Source | Description |
---|---|---|
end_date | Timestamp: now() | Get current date-time |
status | Const: INACTIVE | |
updated_at | Timestamp: now() | Get current date-time |
updated_by | Token: user_id | |
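
The checks above, in the order listed and followed by the update from the parameter table, as an added example (not code from the original specification or the project). Assumptions: token verification happens upstream and yields a dict or `None`, scopes are a space-delimited string, the in-memory dicts stand in for the real storage, and the `200` success status and the status for a failed legal entity check are placeholders because the page does not state them.

```python
from datetime import datetime, timezone

REQUIRED_SCOPE = "employee_role:write"
ALLOWED_LE_STATUSES = {"ACTIVE", "SUSPENDED"}
LEGAL_ENTITY_ERROR = 409  # assumption: the page gives no status code for this failure


def deactivate_employee_role(token, role_id, legal_entities, roles, now=None):
    """Return (http_status, body). `token` is None when verification failed upstream."""
    # 1. Token validity -> 401
    if token is None or not token.get("user_id") or not token.get("client_id"):
        return 401, {"error": "invalid access token"}
    # 2. Scope check -> 403
    if REQUIRED_SCOPE not in token.get("scope", "").split():
        return 403, {"error": "missing scope " + REQUIRED_SCOPE}
    # 3. Legal entity comes from token.client_id and must be ACTIVE or SUSPENDED
    entity = legal_entities.get(token["client_id"])
    if entity is None or entity["status"] not in ALLOWED_LE_STATUSES:
        return LEGAL_ENTITY_ERROR, {"error": "legal entity is not active"}
    # 4. Role must exist and be active -> 404
    role = roles.get(role_id)
    if role is None or not role["is_active"]:
        return 404, {"error": "employee role not found"}
    # 5. Role must belong to the caller's legal entity -> 403
    if role["legal_entity_id"] != token["client_id"]:
        return 403, {"error": "employee role belongs to another legal entity"}
    # 6. Apply the update parameters from the table (200 is an assumed success code)
    ts = now or datetime.now(timezone.utc)
    role.update(end_date=ts, status="INACTIVE", updated_at=ts, updated_by=token["user_id"])
    return 200, role


# Constructed sample data, not taken from the page
LEGAL_ENTITIES = {"le-1": {"status": "ACTIVE"}, "le-2": {"status": "CLOSED"}}


def sample_roles():
    return {
        "r-1": {"is_active": True, "legal_entity_id": "le-1", "status": "ACTIVE"},
        "r-2": {"is_active": True, "legal_entity_id": "le-9", "status": "ACTIVE"},
        "r-3": {"is_active": False, "legal_entity_id": "le-1", "status": "INACTIVE"},
    }


def sample_token(client_id="le-1", scope="employee_role:read employee_role:write"):
    return {"user_id": "u-1", "client_id": client_id, "scope": scope}
```

Because the existence check (404) runs before the ownership check (403), a caller with a valid token can tell whether a role ID exists in another legal entity from the status code alone.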