Purpose

This WS allows to deactivate a Group of Diagnoses from Admin panel.

Key points

This is a graphQl method used in Administration panel only.
Only authenticated and authorized NHS employee with appropriate scope can deactivate a Group of Diagnoses.
Only active Groups of Diagnoses can be deactivated.

Specification*

Link	graphQl method	Посилання на Apiary або Swagger
Resource	graphQl method	Посилання на ресурс, наприклад: /api/persons/create
Scope	diagnoses_group:write	Scope для доступу
Components	Medical events	Зазначається перелік бізнес компонентів, які використовують цей метод, наприклад: ePrescription
Microservices	API paragraph not found	Перелік мікросервісів, які використовує метод API, наприклад: Auth, ABAC
Protocol type	API paragraph not found	Тип протоколу, який використовується запитом, наприклад: SOAP \| REST
Request type	API paragraph not found	Тип запиту API, наприклад: GET, POST, PATCH…
Sync/Async	API paragraph not found	Метод є синхронним чи асинхронним?
Public/Private/Internal	Internal	Потрібно зазначити тип методу за ступенем доступності

deactivateDiagnosesGroup

"Deactivates a single `DiagnosesGroup` using its globally unique ID."
  deactivateDiagnosesGroup(
    input: DeactivateDiagnosesGroupInput!
  ): DeactivateDiagnosesGroupPayload

"""
Input for `deactivateDiagnosesGroup` mutation.
User must have a scope **diagnoses_group:write**
"""
input DeactivateDiagnosesGroupInput {
  "Globally unique ID of the `DiagnosesGroup` which should be deactivated."
  id: ID!
}

"""
Return type for `deactivateDiagnosesGroup` mutation.
"""
type DeactivateDiagnosesGroupPayload {
  "Deactivated `DiagnosesGroup`."
  diagnosesGroup: DiagnosesGroup
}

Logic

Update data:
1. diagnoses_groups table
  1. set is_active = false
  2. set deactivation_reason = $.deactivation_reason
  3. set updated_at, updated_by
~~Deactivate all~~ ~~approvals~~ ~~with approval.diagnoses_group_id = $.diagnoses_group_id~~

Authorize

Verify the validity of access token
- in case of error - return 401 (“Invalid access token”) in case of validation fails
Verify that token is not expired
- in case of error - return 401 (“Invalid access token”)
Check user scopes in order to perform this action (scope = 'diagnoses_group:write')
- return 403 (“Your scope does not allow to access this resource. Missing allowances: diagnoses_group:write”) in case of invalid scope(s)

Request data validation

Validate legal entity

Extract client_id from token.
Check client scopes in order to perform this action (scope = 'diagnoses_group:write')
- in case of error - return 403 (“Your scope does not allow to access this resource. Missing allowances: diagnoses_group:write”)
Check client_type = NHS
- in case of error - return 403 ('You don’t have permission to access this resource')
Check legal entity status (status = ACTIVE)
- In case of error - return 409 ('client_id refers to legal entity that is not active')

Validate request

Check if diagnoses_group_id is submitted
- in case if not submitted - return 422 ('required property diagnoses_group_id was not present')
- in case if not exist or not active - return 404 ('not found')
Check if deactivation_reason is submitted
- in case of error - return 422 ('required property deactivation_reason was not present')

HTTP status codes*

HTTP status code	Message	What caused the error
401	Invalid access token
403	You don’t have permission to access this resource Your scope does not allow to access this resource. Missing allowances: diagnoses_group:write
404	not found
409	client_id refers to legal entity that is not active
422	required property deactivation_reason was not present required property diagnoses_group_id was not present

Deactivate Group of Diagnoses (NHS Admin)

Purpose

Key points

Specification*

Logic

Authorize

Request data validation

Validate legal entity

Validate request

HTTP status codes*