Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

...

...

...

...

...

...

...

...

...

...

...

...

...

Table of Contents

Purpose

This web service is designed to add/update contract request assignee by nhs employee. Employee can add himself as an assigner or any other employee. Contract Request must be in status 'NEW'.

Specification


Request

  • employee

    assignee_id

Validation

Validate token

  • Verify the validity of access token

    • Return 401 in case validation fails

  • Check if token is not expired

    • in case error return 401 - "Token is expired"

Validate user

extract user_id from token

extract client_id from token

  • Check if user is active

    • in case error return 403 - (user is not active)

  • check nhs_legal_entity is active

    • in case error return 403 - (Client is not active)

  • Check user

     role

     role = "NHS ADMIN SIGNER"

    • in case error return 403 "User is not allowed to perform this action"

Validate scopes

  • Check user scopes in order to perform this action (scope = 'contract_

    requests

    request:update')

    • Return 403 in case invalid scope(s) "Your scope does not allow to access this resource. Missing allowances: contract_requests:update"

Validate contract request id and status

  • Validate contract request ID exist

    • in case of error return 404 - not found

  • Check contract_request.status

    =NEW

    in('NEW', 'IN_PROCESS')

    • in case error return 422 - "Incorrect status of contract_request to modify it"

Validate request

  1. Fetch prm.employees by  $employee_id. Validate

    1. employees.legal_entity_id=$client_id

      1. in case of error return 422 error ('Invalid legal entity id') 

    2. employees.status=APPROVED

      1. in case of error return 409 error ('Invalid employee status')

    3. check employee.party→ party_users→ users_roles→ roles exist role with name = 'NHS ADMIN SIGNER'

      1. in case of error return

        422

        403 error ('Employee doesn't have required role')

Response

mapping

field

value

status

IN_PROCESS

updated_at

now()

updated_by

$.user_id

assignee_id

$.employee_id


Add status to event manager

After status was changed (status = IN_PROCESS) - add new status to event_manager


field

value

event_type

StatusChangeEvent

entity_type

Contract_request

entity_id

$.id

properties.status.new_value

$.status

event_time

$.update_at

changed_by

$.changed_by