Purpose

This WS allows deactivating a rule engine rule from the Admin panel.

Key points

  1. This is a GraphQL method used in the Administration panel only.

  2. Only an authenticated and authorized NHS employee with the appropriate scope can deactivate a rule engine rule.

  3. A rule engine rule should be deactivated with a digital signature (DS).

  4. Only an active rule engine rule can be deactivated.

Specification

...


Link

API paragraph not found

Link to Apiary or Swagger

Resource

API paragraph not found

Link to the resource, for example: /api/persons/create

Scope

rule_engine_rule:write

Scope required for access

Components

API paragraph not found

List of business components that use this method, for example: ePrescription

Microservices

API paragraph not found

List of microservices used by the API method, for example: Auth, ABAC

Protocol type

API paragraph not found

Protocol type used by the request, for example: SOAP | REST

Request type

API paragraph not found

API request type, for example: GET, POST, PATCH…

Sync/Async

API paragraph not found

Is the method synchronous or asynchronous?

Public/Private/Internal

API paragraph not found

Specify the method type by its level of accessibility

Request example
"""
Input for `deactivateRuleEngineRule` mutation.
User must have a scope **rule_engine_rule:write**
"""
input DeactivateRuleEngineRuleInput {
  "Signed data to deactivate rule engine set"
  signedContent: SignedContent!
}

"""
Return type for `deactivateRuleEngineRule` mutation.
"""
type DeactivateRuleEngineRulePayload {
  "Deactivated `RuleEngineRule`."
  ruleEngineRule: RuleEngineRule
}

...

Logic

  1. Save signed content to media storage

  2. Update data:

    1. rule_engine_rules collection

      1. set is_active = false

      2. set deactivation_reason = $.deactivation_reason

      3. set updated_at, updated_by

Authorize

  • Verify the validity of access token

    • in case validation fails - return 401 (“Invalid access token”)

  • Verify that token is not expired

    • in case of error - return 401 (“Invalid access token”)

  • Check user scopes in order to perform this action (scope = 'rule_engine_rule:write')

    • return 403 (“Your scope does not allow to access this resource. Missing allowances: rule_engine_rule:write”) in case of invalid scope(s)

Headers

API paragraph not found

Request data validation

Validate legal entity

  • Extract client_id from token.

  • Check client scopes in order to perform this action (scope = 'rule_engine_rule:write')

    • in case of error - return 403 (“Your scope does not allow to access this resource. Missing allowances: rule_engine_rule:write”)

  • Check client type (type = NHS)

    • In case of error - return 403 ('You don't have permission to access this resource')

  • Check legal entity status (status = ACTIVE)

    • In case of error - return 409 ('client_id refers to legal entity that is not active')

Validate Digital Sign

  • Validate request is signed

    • in case of error - return 422 (“document must be signed by 1 signer but contains 0 signatures”)

  • Check DS is valid and not expired

  • Validate that DS belongs to the user

    • Check that EDRPOU from DS and legal_entities.edrpou of client_id matches

      • in case of error - return 409 (“Signer edrpou doesn’t match with requester edrpou”)

    • Check that DRFO from DS and party.tax_id matches

      • in case of error - return 422 (“Does not match the signer drfo”)

Validate request

  • Check rule_id submitted

    • in case not submitted - return 422 ('required property rule_id was not present')

    • in case not exist or not active - return 404 ('not found')

  • Check deactivation_reason submitted

    • in case of error - return 422 ('required property deactivation_reason was not present')
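
The Authorize and Request data validation checks above, applied in the listed order with the rule changed only after every check passes, as an added Python example (not code from the service this page specifies). Assumptions: the dict field names, the `sample()` data, the success payload shape, and that the DS has already been cryptographically verified and reduced to a list of signers.

```python
from datetime import datetime, timezone

SCOPE = "rule_engine_rule:write"
SCOPE_ERR = f"Your scope does not allow to access this resource. Missing allowances: {SCOPE}"

def check(token, client, party, signers, content, rules, now):
    """Return (status, message) for the first failed check, else None."""
    if not token["valid"] or token["expires_at"] <= now:
        return 401, "Invalid access token"
    if SCOPE not in token["scopes"] or SCOPE not in client["scopes"]:
        return 403, SCOPE_ERR
    if client["type"] != "NHS":
        return 403, "You don't have permission to access this resource"
    if client["status"] != "ACTIVE":
        return 409, "client_id refers to legal entity that is not active"
    if len(signers) != 1:  # page words the 0-signature case; other counts reuse it (assumption)
        return 422, f"document must be signed by 1 signer but contains {len(signers)} signatures"
    if signers[0]["edrpou"] != client["edrpou"]:
        return 409, "Signer edrpou doesn’t match with requester edrpou"
    if signers[0]["drfo"] != party["tax_id"]:
        return 422, "Does not match the signer drfo"
    if "rule_id" not in content:
        return 422, "required property rule_id was not present"
    rule = rules.get(content["rule_id"])
    if rule is None or not rule["is_active"]:
        return 404, "not found"
    if "deactivation_reason" not in content:
        return 422, "required property deactivation_reason was not present"
    return None

def deactivate(token, client, party, signers, content, rules, now):
    """Run every check first; change the rule only when all of them pass."""
    error = check(token, client, party, signers, content, rules, now)
    if error:
        return error, None
    rule = rules[content["rule_id"]]
    rule.update(is_active=False, updated_at=now, updated_by=token["user_id"],
                deactivation_reason=content["deactivation_reason"])
    return None, {"ruleEngineRule": rule}

def sample():
    """Constructed request state; every value here is made up for the example."""
    now = datetime(2024, 1, 1, tzinfo=timezone.utc)
    return dict(
        token={"valid": True, "expires_at": now.replace(year=2025),
               "scopes": [SCOPE], "user_id": "user-1"},
        client={"scopes": [SCOPE], "type": "NHS", "status": "ACTIVE", "edrpou": "00000001"},
        party={"tax_id": "1111111111"},
        signers=[{"edrpou": "00000001", "drfo": "1111111111"}],
        content={"rule_id": "rule-1", "deactivation_reason": "obsolete"},
        rules={"rule-1": {"is_active": True}}, now=now)
```

A second `deactivate` call on the same rule returns 404, because the rule is no longer active.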

Service logic

...

Save signed content to media storage

Update data:

rule_engine_rules collection

...

set is_active = false

...

set deactivation_reason = $.deactivation_reason

...

Processing

 API paragraph not found

Response structure

API paragraph not found

 

Post-processing processes

 API paragraph not found

HTTP status codes

 API paragraph not found