ЕСОЗ - публічна документація

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 11 Next »

Purpose

API paragraph not found

Specification

Link

https://ehealthmisapi1.docs.apiary.io/#reference/public.-medical-service-provider-integration-layer/employee-roles/deactivate-employee-role

Посилання на Apiary або Swagger

Resource

/api/employee_roles/{{id}}/actions/deactivate

Посилання на ресурс, наприклад: /api/persons/create

Scope

employee_role:write

Scope для доступу

Components

Scopes model

Зазначається перелік бізнес компонентів, які використовують цей метод, наприклад: ePrescription

Microservices

API paragraph not found

Перелік мікросервісів, які використовує метод API, наприклад: Auth, ABAC

Protocol type

REST

Тип протоколу, який використовується запитом, наприклад: SOAP | REST

Request type

PATCH

Тип запиту API, наприклад: GET, POST, PATCH…

Sync/Async

Sync

Метод є синхронним чи асинхронним?

Public/Private/Internal

Public

Потрібно зазначити тип методу за ступенем доступності

Logic

  1. Only authenticated and authorized user can use this service

  2. Only ACTIVE employee role can be deactivated

  3. Legal entity can deactivate only its own employee roles

Request structure

API paragraph not found

Authorize

  1. Verify the validity of access token

    1. Return 401 in case validation fails

  2. Check scopes in order to perform this action (scope = 'employee_role:write')

    1. Return 403 in case invalid scope(s)

Headers

API paragraph not found

Request data validation

Validate legal entity

Check that legal entity is active (status = ACTIVE, SUSPENDED)

  1. Extract client_id from token (token.client_id == legal_entity_id)

  2. Check legal entity status (status = ACTIVE, SUSPENDED)

    1. In case of error - return 409 (Legal entity must be ACTIVE or SUSPENDED)

Validate employee role

  1. Check that employee role with such ID exists in the system (is_active = true)

    1. In case of error - return 404

  2. Check that employee role belongs to the same legal entity as the user

    1. In case of error - return 403

Validate transition

Only ACTIVE employee role can be deactivated

Available transitions

  1. ACTIVE → INACTIVE

In other cases - return 409 error ('{current_status} employee role cannot be DEACTIVATED')

Processing

Update object in DB

Parameter

Source

Description

end_date

Timestamp: now()

Get current date-time

status

Const: INACTIVE

updated_at

Timestamp: now()

Get current date-time

updated_by

Token: user_id

Response structure

Example:

 Response example
{
  "meta": {
    "code": 200,
    "url": "https://example.com/resource",
    "type": "object",
    "request_id": "6617aeec-15e2-4d6f-b9bd-53559c358f97#17810"
  },
  "data": {
    "id": "7c3da506-804d-4550-8993-bf17f9ee0402",
    "healthcare_service_id": "98b6ed10-17b4-44f1-892c-7514f66bf505",
    "employee_id": "9d229fcb-6a77-4574-99a5-30729aa518fd",
    "start_date": "2019-04-20T19:14:13Z",
    "end_date": "2017-12-20T19:14:13Z",
    "status": "INACTIVE",
    "is_active": true,
    "inserted_at": "2017-04-20T19:14:13Z",
    "inserted_by": "e1453f4c-1077-4e85-8c98-c13ffca0063e",
    "updated_at": "2017-04-20T19:14:13Z",
    "updated_by": "2922a240-63db-404e-b730-09222bfeb2dd"
  }
}

HTTP status codes

HTTP status code

Message

What caused the error

200

 Response

 

401

 

Invalid access token

403

  • Invalid scope(s)

  • Check that employee role belongs to the same legal entity as the user failed

404

Validation error

409

Validation error

  • No labels