Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Table of Contents

Purpose

This WS allows to set party verification status for DRACS death stream using Admin panel.

...

 

Key points

  1. This graphQl method is used in Administration panel only.

  2. Only authenticated and authorized NHS employee with appropriate scope can verify parties.

  3. This graphQl method can be used to verify employees with NHS client type only.

Specification

Expand
titleindex.graphql
Code Block
"Updates DRACS death verification status for a single `Party` by NHS using its globally unique ID."
  updatePartyDracsDeathVerificationStatus(
    input: UpdatePartyDracsDeathVerificationStatusInput!
  ): UpdatePartyDracsDeathVerificationStatusPayload
Expand
titleUpdatePartyDracsDeathVerificationStatus mutation
Code Block
"""
Input for `updatePartyDracsDeathVerificationStatus` mutation.
"""
input UpdatePartyDracsDeathVerificationStatusInput {
  "Party unique identifier."
  partyId: ID!
  "Party verification status"
  dracsDeathVerificationStatus: PartyVerificationStatus!
  "Party DRACS verification reason"
  dracsDeathVerificationReason: PartyDracsVerificationReason!
  "Description about party verification status"
  verificationComment: String
}

"""
Return type for `updatePartyDracsDeathVerificationStatus` mutation.

In order to verify party user must have a scope `employee:verify`.
"""
type UpdatePartyDracsDeathVerificationStatusPayload {
  "Payload for party."
  party: Party
}

Authorization

  • Verify the validity of access token

    • in case of error - return 401 (“Invalid access token”) in case of validation fails

  • Verify that token is not expired

    • in case of error - return 401 (“Invalid access token”)

  • Check user scopes in order to perform this action (scope = 'employee:verify')

    • return 403 (“Your scope does not allow to access this resource. Missing allowances: employee:verify”) in case of invalid scope(s)

Validate legal entity

  • Extract client_id from token.

  • Check client scopes in order to perform this action (scope = 'employee:verify')

    • in case of error - return 403 (“Your scope does not allow to access this resource. Missing allowances: employee:verify”)

  • Check legal entity status (status = ACTIVE)

    • In case of error - return 409 ('client_id refers to legal entity that is not active')

Validate request

Field Id, required.

  • Check it is submitted

    • in case of error - return 422 ('required property <name/creation_reason> was not present')

  • Check that party exists in prm.parties

    • in case of error - return 404 “Party does not exist“

  • Find employee in prm.employees where employee.party_id = $.partyId

    • in case of error - return 404 "Such employee doesn't exist"

  • Select at least one employee of employees that have been found at previous step whose legal entity is NHS

    • in case of error - return 422 "DRACS Death verification is allowed for NHS employees only"

  • Check if this employee is active: employee.status = 'APPROVED' and employee.is_active = true

    • in case of error - return 409 "Such employee isn't active"

Field verificationStatus, required

  • Check it is submitted

    • in case of error - return 422 ('required property <name/creation_reason> was not present')

  • Check value is allowed according to schema.

    • in case of error - return 422 ('value is not allowed in enum')

Field verificationReason, required

  • Check it is submitted

    • in case of error - return 422 ('required property <name/creation_reason> was not present')

  • Check value is allowed according to schema.

    • in case of error - return 422 ('value is not allowed in enum')

Status transition

  • Check status transition allowed according to schema.

    • For transition NOT_VERIFIED to IN_REVIEW it is required to have verification reason = MANUAL, if there are other reasons - an error should be returned.

    • For transition IN_REVIEW to VERIFIED it is required to have verification reason in (MANUAL_CONFIRM, MANUAL_NOT_CONFIRM), if there are other reasons - an error should be returned.

    • For transition NOT_VERIFIED to VERIFIED it is required to have verification reason in (MANUAL_CONFIRMED, MANUAL_NOT_CONFIRMED), if there are other reasons - an error should be returned.

      • in case of error - return 422 ('Can\'t update verification status from <old status value> with <old verification reason> verification reason to <new status value> with <new verification reason> verification reason')

Service logic

  1. Set fields in party_verifications table (prm database):

    1. dracs_death_verification_status = $.verification_status

    2. dracs_death_verification_comment = $.verification_comment

    3. dracs_death_verification_reason = $.verification_reason

    4. dracs_death_act_id= $.verification_death_act_id

    5. updated_by = user_id (from token)

    6. updated_at = current timestamp

  2. Calculate cumulative verification status based on persons verification status in each stream:
    DRFO registry verification, DRACS death acts registry verification according to logic described at Party verification status model | Cumulative verification status:

    • Set calculated status to prm.party_verifications field

  3. Create StatusChangeEvent in event manager with new verification status if it was changed