ЕСОЗ - публічна документація

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

Purpose

This Methods allows to add items, such as code or service/service_group, to the forbidden group from Admin panel.

Key points

  1. This is a graphQl method used in Administration panel only

  2. Only authenticated and authorized NHS employee with appropriate scope can add item to Forbidden group.

  3. The following kind of items could be added: services, service groups, dictionary codes.

  4. Item should be added using DS.

  5. Added item should be unique within all active items in Forbidden groups.

  6. One or more items can be added at once.

Specification

"""
Input for `createForbiddenGroupItems` mutation.
User must have a scope **forbidden_group:write**
"""
input CreateForbiddenGroupItemsInput{
    "Forbidden group identifier."
    forbiddenGroupId: ID!
    "List of service identifiers."
    serviceIds: [ID!]
    "List of service group identifiers."
    serviceGroupIds: [ID!]
    "List of dictionary codes."
    codes:[CreateForbiddenGroupCodeInput!]
}

"""
Input for `codes` in `createForbiddenGroupItems` mutation.
"""
input CreateForbiddenGroupCodeInput {
    "The name of the dictionary. Allowed names: eHealth/ICD10AM/condition_codes, eHealth/ICPC2/actions, eHealth/ICPC2/condition_codes, eHealth/ICPC2/reasons."
    system: String!
    "The value from dictionary. It should be present in the dictionary specified in `system` property"
    code: String!
}

"""
Return type for `createForbiddenGroupItems` mutation.
"""
type CreateForbiddenGroupItemsPayload {
  "Updaed `ForbiddenGroup`."
  forbiddenGroup: ForbiddenGroup
}

Validations

Following validations used in the CreateForbiddenGroupItemsMutation mutation.

Authorization

  • Verify the validity of access token

    • in case of error - return 401 (“Invalid access token”) in case of validation fails

  • Verify that token is not expired

    • in case of error - return 401 (“Invalid access token”)

  • Check user scopes in order to perform this action (scope = 'forbidden_group:write')

    • return 403 (“Your scope does not allow to access this resource. Missing allowances: forbidden_group:write”) in case of invalid scope(s)

Validate legal entity

  • Extract client_id from token.

  • Check client scopes in order to perform this action (scope = 'forbidden_group:write')

    • in case of error - return 403 (“Your scope does not allow to access this resource. Missing allowances: forbidden_group:write”)

  • Check legal entity status (status = ACTIVE)

    • In case of error - return 409 ('client_id refers to legal entity that is not active')

Validate Digital Sign

  • Validate request is signed

    • in case of error - return 422 (“document must be signed by 1 signer but contains 0 signatures”)

  • Check DS is valid and not expired

  • Validate that DS belongs to the user

    • Check that DRFO from DS and party.tax_id matches

      • in case of error - return 409 (“Signer DRFO doesn't match with requester tax_id“)

Validate request

  1. Check forbidden_group_id submitted in the request

  • in case not submitted - return 422 ('required property forbidden_group_id was not present')

  • in case not exist or is not active - return 404 ('not found')

2. Check at least one of the array fields submitted: service_group_ids, service_ids, codes

  • in case of error - return 422 ('One of the required property should be present: service_groups, services, codes')

3. if service_group_ids submitted, for each service_group_id in the array:

  • Check it is exists and active:

    • in case of error - return 422 ('not found')

  • Check it is unique within request

    • in case of error - return 422 ('Service group with id <id> is duplicated in the request')

  • Check it is unique within existing active forbidden group items (prm.forbidden_group_services)

    • in case of error - return 422 ('Service group already present in forbidden group')

4. if service_ids submitted, for each service_id in the array:

  • Check it is exists and active:

    • in case of error - return 422 ('not found')

  • Check it is unique within request

    • in case of error - return 422 ('Service with id <id> is duplicated in the request')

  • Check it is unique within existing active forbidden group items (prm.forbidden_group_services)

    • in case of error - return 422 ('Service already present in forbidden group')

5. if codes submitted, for each object in the array:

  • Check system submitted

    • in case of error - return 422 ('required property system was not present')

  • Check system value is following dictionary name: eHealth/ICD10_AM/condition_codes, eHealth/ICPC2/actions, eHealth/ICPC2/condition_codes, eHealth/ICPC2/reasons

    • in case of error - return 422 ('not allowed in enum')

  • Check code submitted

    • in case not submitted - return 422 ('required property code was not present')

  • Check code value within dictionary specified in system property

    • in case of error - return 422 ('value is not allowed in enum')

  • Check code is unique within system in the request

    • in case of error - return 422 ('Code <code> of <system> dictionary is duplicated in the request')

  • Check code and system is unique within existing active forbidden group items (prm.forbidden_group_codes)

    • in case of error - return 422 ('Code <code> of <system> dictionary already present in forbidden groups')

6. Check creation_reason submitted

  • in case of error - return 422 ('required property creation_reason was not present')

Service logic

Following logic used in the CreateForbiddenGroupItemsMutation mutation

  1. Save signed content to media storage

  2. For each element in the service_group_ids array save data to forbidden_group_services table (PRM DB):

    1. set forbidden_group_id = $.forbidden_group_id

    2. set service_id = null

    3. set service_group_id = $.service_group_id

    4. set creation_reason = $.creation_reason

  3. For each element in the service_ids array save data to forbidden_group_services table:

    1. set forbidden_group_id = $.forbidden_group_id

    2. set service_id = $.service_id

    3. set service_group_id = null

    4. set creation_reason = $.creation_reason

  4. For each element in the codes array save data to forbidden_group_codes table (PRM DB):

    1. set forbidden_group_id = $.forbidden_group_id

    2. set system = $.system

    3. set code = $.code

    4. set creation_reason = $.creation_reason

  5. Set another fields according to /wiki/spaces/FORBIDDEN/pages/2087190529

  6. Clear cache

  • No labels