ЕСОЗ - публічна документація

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 8 Next »

Purpose

Specification

Apiary: Update equipment

Service logic

  1. Only authenticated and authorized HR, ADMIN, OWNER employees can update equipment.
  2. Equipment can be updated from MSP, OUTPATIENT, PRIMARY_CARE and EMERGENCY legal entities.
  3. Only ACTIVE equipment can be updated.
  4. Update of division_id and status is not allowed with this service.
  5. Legal entity can update only its own equipments.

Authentication

  1. Verify the validity of access token
    1. Return 401 in case validation fails
  2. Check user scopes in order to perform this action (scope = 'equipment:write')
    1. Return 403 in case invalid scope(s)

Validate legal entity

Check that legal entity is active (status = ACTIVE, SUSPENDED)

  1. Extract client_id from token (token.client_id == legal_entity_id)
  2. Check legal entity status (status = ACTIVE, SUSPENDED)
    1. In case of error - return 409 (Legal entity must be ACTIVE or SUSPENDED)

Validate equipment

  1. Check that ID in URL exists in the system
    1. In case of error - return 404
  2. Check that equipment belongs to the same legal entity as the user
    1. In case of error - return 403

Validate request

Validate request using schema

Update object in DB

1. equipments table

Parameter
Source
Description
typeRequest: typeGet from request body
external_idRequest: external_idGet from request body
udiRequest: udiGet from request body
lot_numberRequest: lot_numberGet from request body
manufacturerRequest: manufacturerGet from request body
manufacture_dateRequest: manufacture_dateGet from request body
expiration_dateRequest: expiration_dateGet from request body
model_numberRequest: model_numberGet from request body
part_numberRequest: part_numberGet from request body
versionRequest: versionGet from request body
nameRequest: nameGet from request body
serial_numberRequest: serial_numberGet from request body
noteRequest: noteGet from request body
updated_atTimestamp: now()Get current date-time
updated_byToken: user_idExtract user from token
  • No labels

ЕСОЗ - публічна документація