Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Note

Сторінка знаходиться в процесі розробки. Інформація на ній може бути застарілою.

Info

/wiki/spaces/EN/pages/17591304241 (remove the link block before publishing the document)

Table of Contents

Properties of a REST API method document

Page Properties
idpage_properties_method_REST API

Document type

Метод REST API

Document title

[Document status] REST API [Назва методу] [ID методу]

Guideline ID

GUI-0011

Author

@

Document version

1

Document status

DRAFT

Date of creation

ХХ.ХХ.ХХХХ (дата фінальної версії документа – RC або PROD)

Date of update

ХХ.ХХ.ХХХХ (дата зміни версії)

Method API ID

API-005-007-004-0124

Microservices (namespace)

IL

Component

Employees

Component ID

COM-005-007

Link на API-специфікацію

https://ehealthmisapi1.docs.apiary.io/#reference/public.-medical-service-provider-integration-layer/employee-roles/add-employee-role

Resource

{{host}}/api/employee_roles

Scope

employee_role:write

Protocol type

REST

Request type

POST

Sync/Async

Sync

Public/Private

Public

Purpose

This method allows to add a role to an employee according to the type of medical service for which the role is being added.

Logic

  1. Only authenticated and authorized user can use this service

  2. Employee role must be valid and consistent, i.e. all "foreign keys" must be valid

  3. It can be only one active employee_role for the single employee and healthcare service

Configuration parameters

Description of the configuration parameters that are used when processing a request in the system

Dictionaries

Provides a list of links to dictionaries that are available in Confluence

Input parameters

Input parameter

Mandatory

Type

Description

Example

1

2

Request structure

See on API-specification

Expand
titleExample
Code Block
{
  "healthcare_service_id": "98b6ed10-17b4-44f1-892c-7514f66bf505",
  "employee_id": "9d229fcb-6a77-4574-99a5-30729aa518fd"
}

Headers

Key

Value

Mandatory

Description

Example

1

Content-Type

application/json

M

Тип контенту

Content-Type:application/json

2

Authorization

Bearer c2778f3064753ea70de870a53795f5c9

M

Перевірка користувача

Authorization:Bearer c2778f3064753ea70de870a53795f5c9

3

api-key

uXhEczJ56adsfh3Ri9SUkc4en

api-key:uXhEczJ56adsfh3Ri9SUkc4en

Request data validation

Authorize

  1. Verify the validity of access token

    • return 401 in case validation fails

  2. Check scopes in order to perform this action (scope = 'employee_role:write')

    • return 403 in case invalid scope(s)

  3. If BLOCK_UNVERIFIED_PARTY_USERS is true, then check party's data match following condition: verification_status != NOT_VERIFIED or (verification_status = NOT_VERIFIED and updated_at <= current_date - UNVERIFIED_PARTY_PERIOD_DAYS_ALLOWED):

    • in case not match - return 403 ("Access denied. Party is not verified")

Validate request

Validate request using JSON schema

Validate legal entity

Check that legal entity is active (status = ACTIVE, SUSPENDED)

  1. Extract client_id from token (token.client_id == legal_entity_id)

  2. Check legal entity status (status = ACTIVE, SUSPENDED)

    1. In case of error - return 409 (Legal entity must be ACTIVE or SUSPENDED)

Validate FK

  1. Validate healthcare_service_id - healthcare service exists and is_active = true

    1. Return 422 in case validation fails

  2. Validate employee_id - employee exists and is_active = true

    1. Return 422 in case validation fails

Validate constraint

It can be only one active employee_role for the single employee and healthcare service

  1. Check that there is no another active record (status = ACTIVE) with the same employee and healthcare service

    1. Return 409 (Duplicated employee role for this employee and healthcare service) in case such pair exists

Validate healthcare service

Check that healthcare service belongs to the same legal entity as the user and healthcare service is active

  1. Extract client_id from token (token.client_id == legal_entity_id)

  2. Validate legal entity on healthcare service

  3. Check healthcare service status (status = ACTIVE)

Validate employee and its specialization

Check that employee belongs to the same legal entity as the user, employee is active and has the same specializations as the healthcare service

  1. Extract client_id from token (token.client_id == legal_entity_id)

  2. Validate legal entity on employee service

  3. Check employee status (status = APPROVED)

  4. Validate specialization on employee (where specialities.speciality_officio = true) and healthcare service

Processing

Save object to DB

Parameter

Source

Description

id

UUID

Autogenerated

start_date

Timestamp: now()

Get current date-time

status

Const: ACTIVE

By default ACTIVE for new records

is_active

Const: TRUE

Always TRUE for new records

inserted_at

Timestamp: now()

Get current date-time

inserted_by

Token: user_id

Extract user from token

updated_at

Timestamp: now()

Get current date-time

updated_by

Token: user_id

Extract user from token

Response structure examples

See on API-specification

Expand
titleExample
Code Block
{
  "meta": {
    "code": 201,
    "url": "https://example.com/resource",
    "type": "object",
    "request_id": "6617aeec-15e2-4d6f-b9bd-53559c358f97#17810"
  },
  "data": {
    "id": "7c3da506-804d-4550-8993-bf17f9ee0402",
    "healthcare_service_id": "98b6ed10-17b4-44f1-892c-7514f66bf505",
    "employee_id": "9d229fcb-6a77-4574-99a5-30729aa518fd",
    "start_date": "2019-04-20T19:14:13Z",
    "end_date": "2017-12-20T19:14:13Z",
    "status": "ACTIVE",
    "is_active": true,
    "inserted_at": "2017-04-20T19:14:13Z",
    "inserted_by": "e1453f4c-1077-4e85-8c98-c13ffca0063e",
    "updated_at": "2017-04-20T19:14:13Z",
    "updated_by": "2922a240-63db-404e-b730-09222bfeb2dd"
  }
}HTTP status codes

HTTP status codes

Response code

HTTP Status code

Message

Internal name

Description

1

Базові

2

201

 Response

 

3

401

Invalid access token

4

403

Access denied. Party is not verified

5

403

 Invalid scope(s)

6

409

Legal entity must be ACTIVE or SUSPENDED

7

409

Validation failed

8

422

 Validation failed

9

Специфічні

10

Post-processing processes

Description of actions performed on data after processing

Technical modules where the method is used

List of pages describing technical modules where the method is used

Page Properties Report
headingsID ТМ, Статус
cqllabel = "tr-mis"