Requirements
Specification
Validation
Authorization
Verify the validity of access token
Return (401, 'unauthorized') in case of validation fails
Verify that token is not expired
in case of error - return (401, 'unauthorized')
Check user scopes in order to perform this action (scope = 'service_request:use')
Return (403, 'invalid scopes') in case of invalid scope(s)
Validate legal entity
Check legal entity type: it has to be in me_allowed_transactions_le_types config parameter, has status = active
in case of error return 409 "Action is not allowed for the legal entity"
Validate transition
Only active and used service request can be released
Get service request by ID
Service request must be active
ME.status == "active"
in case of error return 409 "Invalid service request status"
Program_processing_status must be "in_queue"
ME.program_processing_status == "in_queue"
in case of error return 409 "Invalid program processing status"
Service logic
Update service request attributes. Erase used_by_employee
Set Medical Events DB: service_requests[<id>].used_by_legal_entity to NULL
Update service request attributes. Erase used_by_legal_entity
Set Medical Events DB: service_requests[<id>].used_by_legal_entity to NULL
Change program_processing_status to
new