Versions Compared

Old Version 2

changes.mady.by.user Aleksandra Novokhatnia (Deactivated)

Saved on

compared with

New Version 3

changes.mady.by.user Aleksandra Novokhatnia (Deactivated)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

...

...

...

...

...

Specification

Apiary

...

Person request logic

  1. Only authenticated and authorized user can use this service
  2. New and Approved patient person request can be rejected
  3. The request can be rejected only by the employee who works in the same legal entity in which the request was made.

Authorize user

  1. Verify the validity of access token
    1. Return 401 in case validation fails
  2. Check scopes in order to perform this action (scope = 'patientperson_request:write')
    1. Return 403 in case invalid scope(s)

Validate

...

person request

  1. Check that patient person request with such ID exists in the system (is_active = true)
    1. In case of error - return 404
  2. Check that patient person request belongs to the same legal entity as the user
    1. In case of error - return 403

Change

...

person request

  1. Change entity status in IL_DB.patientperson_request to REJECTED

  2. Set updated_at - now() (Get current date-time)

  3. Set updated_by - user_id (Extract user from token)