Purpose
This WS allows to deactivate rule engine rule from Admin panel.
Key points
This is a graphQl method used in Administration panel only.
Only authenticated and authorized NHS employee with appropriate scope can deactivate a rule engine rule.
Rule engine rule should be deactivated with DS.
Only active rule engine rule can be deactivated.
Specification
Logic
Save signed content to media storage
Update data:
rule_engine_rules collection
set is_active = false
set deactivation_reason = $.deactivation_reason
set updated_at, updated_by
Authorize
Verify the validity of access token
in case of error - return 401 (“Invalid access token”) in case of validation fails
Verify that token is not expired
in case of error - return 401 (“Invalid access token”)
Check user scopes in order to perform this action (scope = 'rule_engine_rule:write')
return 403 (“Your scope does not allow to access this resource. Missing allowances: rule_engine_rule:write”) in case of invalid scope(s)
Headers
Request data validation
Validate legal entity
Extract client_id from token.
Check client scopes in order to perform this action (scope = 'rule_engine_rule:write')
in case of error - return 403 (“Your scope does not allow to access this resource. Missing allowances: rule_engine_rule:write”)
Check client type (type = NHS)
In case of error - return 403 ('You don't have permission to access this resource')
Check legal entity status (status = ACTIVE)
In case of error - return 409 ('client_id refers to legal entity that is not active')
Validate Digital Sign
Validate request is signed
in case of error - return 422 (“document must be signed by 1 signer but contains 0 signatures”)
Check DS is valid and not expired
Validate that DS belongs to the user
Check that EDRPOU from DS and legal_entities.edrpou of client_id matches
in case of error - return 409 (“Signer edrpou doesn’t match with requester edrpou”)
Check that DRFO from DS and party.tax_id matches
in case of error - return 422 (“Does not match the signer drfo“)
Validate request
Check
rule_id
submittedin case not submitted - return 422 ('required property rule_id was not present')
in case not exist or not active - return 404 ('not found')
Check
deactivation_reason
submittedin case of error - return 422 ('required property deactivation_reason was not present')
Processing
Response structure
See on Apiary
Post-processing processes
HTTP status codes