ЕСОЗ - публічна документація

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 5 Next »

Purpose

Specification

Apiary

Service logic

  1. Only authenticated and authorized user can use this service
  2. Only ACTIVE employee role can be deactivated
  3. Legal entity can deactivate only its own employee roles

Authentication

  1. Verify the validity of access token
    1. Return 401 in case validation fails
  2. Check scopes in order to perform this action (scope = 'employee_role:write')
    1. Return 403 in case invalid scope(s)

Validate legal entity

Check that legal entity is active (status = ACTIVE, SUSPENDED)

  1. Extract client_id from token (token.client_id == legal_entity_id)
  2. Check legal entity status (status = ACTIVE, SUSPENDED)
    1. In case of error - return 409 (Legal entity must be ACTIVE or SUSPENDED)

Validate employee role

  1. Check that employee role with such ID exists in the system (is_active = true)
    1. In case of error - return 404
  2. Check that employee role belongs to the same legal entity as the user
    1. In case of error - return 403

Validate transition

Only ACTIVE employee role can be deactivated

Available transitions

  1. ACTIVE → INACTIVE

In other cases - return 409 error ('{current_status} employee role cannot be DEACTIVATED')

Update object in DB

ParameterSourceDescription
end_dateTimestamp: now()Get current date-time
statusConst: INACTIVE
updated_atTimestamp: now()Get current date-time
updated_byToken: user_id
  • No labels

ЕСОЗ - публічна документація