Overview

...

Validations

Validate token

• Verify the validity of access token
  • Return 401 in case validation fails
• Verify token is not expired
  • in case of error return 401 

Validate scopes

• Check user scopes in order to perform this action (scope = 'service_request:use')
  1. Return 403 in case invalid scope(s)

...

1. Service request must be active
   1. ME.service_request.status  == "active"
      1. in case of error return 409 "Invalid service request status"
2. Program processing status should be in_queue
   1. ME.service_request.program_processing_status  == "in_queue"
      1. in case of error return 409 "Invalid  program processing status status"

...

1. Validate program according to Pre-Qualify rules.
   1. it is an existing service program (type=service)
      1. in case not found or is_active==false return 422  "Program not found"
      2. in case type!= service return 422 "Invalid program type"
   2.  service(or service_group) is an active member of the program
      1. Select request_allowed, is_active from PRM.program_services where service_id(or group_id) == $.signed_content.code.identifier.value and program_id=$.program.identifier.value
         1. if not found or is_active==false return 422 "Service is not included in the program"

Qualify service request

1. invoke qualify

Validate contract

...

check legal_entity (from token) has active contract with type = '________'(TBD)

1. in case error return 409, “Legal entity does not have a proper contract“

...

validate contract.dates start_date <= now <=end_date

1. in case error return 409, “contract is not active“

...

validate contract.status = 'VERIFIED' and is_active=true

1. in case error return 409, “contract is not active“

validate contract.is_suspended = false

...

Validate used_by_legal_entity

1. Service request must be used by the same legal entity that current user is from 
   1. ME.service_request.used_by_legal_entity=token.legal_entity_id

...