Purpose
This WS is designed to return Person Request details.
Note: response of this method should be used for /wiki/spaces/CSI/pages/17612931150.
Key points
Only authenticated and authorized user can obtain Person Request details.
Service returns only person request related to the same legal entity as the user.
Specification
Main differences from V1
Confidant_person is an object, not an array, so response from this method works for /wiki/spaces/CSI/pages/17612931150.
Authorization
Verify the validity of access token
in case of error - return 401 (“Invalid access token”) in case of validation fails
Verify that token is not expired
in case of error - return 401 (“Invalid access token”)
Check user scopes in order to perform this action (scope = 'person_request:read')
return 403 (“Your scope does not allow to access this resource. Missing allowances: person_request:read”) in case of invalid scope(s)
Validate Person Request
Check that person request with such ID exists in the system (is_active = true)
In case of error - return 404.
Check that person request belongs to the same legal entity as the user
In case of error - return 403.
Validate backwards compatibility
This WS can obtain only person requests that were created by /wiki/spaces/CSI/pages/17613193262 or approved by /wiki/spaces/CSI/pages/17613422676 or signed by /wiki/spaces/CSI/pages/17612931150
Check that
person_request.versionfield is equal to2in case of error - return 422 ('Person request cannot be processed by the version 2 of the service, use version 1 instead')
Service logic
Get Person Request by id from IL.person_requests
Render response according to specification