Purpose

API paragraph not found

Specification

Link	https://ehealthmisapi1.docs.apiary.io/#reference/public.-medical-service-provider-integration-layer/healthcare-services/add-employee-role	Посилання на Apiary або Swagger
Resource	/api/employee_roles	Посилання на ресурс, наприклад: /api/persons/create
Scope	employee_role:write	Scope для доступу
Components	Scopes model	Зазначається перелік бізнес компонентів, які використовують цей метод, наприклад: ePrescription
Microservices	API paragraph not found	Перелік мікросервісів, які використовує метод API, наприклад: Auth, ABAC
Protocol type	REST	Тип протоколу, який використовується запитом, наприклад: SOAP \| REST
Request type	POST	Тип запиту API, наприклад: GET, POST, PATCH…
Sync/Async	Sync	Метод є синхронним чи асинхронним?
Public/Private/Internal	Public	Потрібно зазначити тип методу за ступенем доступності

Logic

Only authenticated and authorized user can use this service
Employee role must be valid and consistent, i.e. all "foreign keys" must be valid
It can be only one active employee_role for the single employee and healthcare service

Input parameters

ATTRIBUTES - see on Apiary

Request structure

Example:

Request example

{
  "healthcare_service_id": "98b6ed10-17b4-44f1-892c-7514f66bf505",
  "employee_id": "9d229fcb-6a77-4574-99a5-30729aa518fd"
}

Authorize

Verify the validity of access token
1. Return 401 in case validation fails
Check scopes in order to perform this action (scope = 'employee_role:write')
1. Return 403 in case invalid scope(s)

Headers

Наприклад:

Content-Type:application/json
Authorization:Bearer c2778f3064753ea70de870a53795f5c9
api-key:uXhEczJ56adsfh3Ri9SUkc4en

Request data validation

Validate request

Validate request using JSON schema

Validate legal entity

Check that legal entity is active (status = ACTIVE, SUSPENDED)

Extract client_id from token (token.client_id == legal_entity_id)
Check legal entity status (status = ACTIVE, SUSPENDED)
1. In case of error - return 409 (Legal entity must be ACTIVE or SUSPENDED)

Validate FK

Validate healthcare_service_id - healthcare service exists and is_active = true
1. Return 422 in case validation fails
Validate employee_id - employee exists and is_active = true
1. Return 422 in case validation fails

Validate constraint

It can be only one active employee_role for the single employee and healthcare service

Check that there is no another active record (status = ACTIVE) with the same employee and healthcare service
1. Return 409 (Duplicated employee role for this employee and healthcare service) in case such pair exists

Validate healthcare service

Check that healthcare service belongs to the same legal entity as the user and healthcare service is active

Extract client_id from token (token.client_id == legal_entity_id)
Validate legal entity on healthcare service
Check healthcare service status (status = ACTIVE)

Validate employee and its specialization

Check that employee belongs to the same legal entity as the user, employee is active and has the same specializations as the healthcare service

Extract client_id from token (token.client_id == legal_entity_id)
Validate legal entity on employee service
Check employee status (status = APPROVED)
Validate specialization on employee (where specialities.speciality_officio = true) and healthcare service

Processing

Save object to DB

Parameter	Source	Description
id	UUID	Autogenerated
start_date	Timestamp: now()	Get current date-time
status	Const: ACTIVE	By default ACTIVE for new records
is_active	Const: TRUE	Always TRUE for new records
inserted_at	Timestamp: now()	Get current date-time
inserted_by	Token: user_id	Extract user from token
updated_at	Timestamp: now()	Get current date-time
updated_by	Token: user_id	Extract user from token

Response structure