Purpose
Specification
Service logic
- Only authenticated and authorized user can use this service
- Only ACTIVE employee role can be deactivated
- Legal entity can deactivate only its own employee roles
Authentication
- Verify the validity of access token
- Return 401 in case validation fails
- Check scopes in order to perform this action (scope = 'employee_role:write')
- Return 403 in case invalid scope(s)
Validate employee role
- Check that employee role with such ID exists in the system (is_active = true)
- In case of error - return 404
- Check that employee role belongs to the same legal entity as the user
- In case of error - return 403
Validate transition
Only ACTIVE employee role can be deactivated
Available transitions
- ACTIVE → INACTIVE
In other cases - return 409 error ('{current_status} employee role cannot be DEACTIVATED')
Update object in DB
Parameter | Source | Description |
---|---|---|
end_date | Timestamp: now() | Get current date-time |
status | Const: INACTIVE | |
updated_at | Timestamp: now() | Get current date-time |
updated_by | Token: user_id |