Purpose
This WS is designed to allow employee with appropriate scopes to update some fields of device definition in eHealth.
Key points
This is a GraphQL query method used in Administration panel only.
Only authenticated and authorized employee with appropriate scope can update device definitions.
Specification
Authorize
Verify the validity of access token
Return (401, 'Invalid access token') in case of validation fails
Verify that token is not expired
in case of error - return (401, 'Invalid access token')
Check user scopes in order to perform this action (scope = 'device_definition:write')
Return (403, 'Your scope does not allow to access this resource. Missing allowances: device_definition:write') in case of invalid scope(s)
Validate legal entity
Extract client_id from token.
Check legal entity status (status = ACTIVE)
in case of error - return 409 ('client_id refers to legal entity that is not active.')
Check client type (type = NHS)
in case of error - return 403 ('You don't have permission to access this resource')
Validate request
Check that required fields according to specification are submitted
in case of error - return 422 ('In field <<field_name>>: Expected type <<field_type>>, found null.') where field_name - name of missing field, field_type - type of missing field
Check that no additional fields that do not correspond to schema are submitted
in case of error - return 422 ('In field <<field_name>>: Unknown field.') where field_name - name of additional field that does not correspond to schema
Check that each field in request corresponds to its type in specification
in case of error - return 422 ('In field <<field_name>>: Expected type <<field_type>>, found <<actual_value>>.') where field_name - name of error field, field_type - expected type of field, actual_value - value that was submitted to field
Validate device definition
Check that device definition by
$.id
exists in device_definitions table in PRM DBin case of error - return 404 ('Device definition is not found')
Check that device definition is active (is_active = true)
in case of error - return 409 ('Device definition should be active')
Validate device names
Check that there are no duplicated types within
$.deviceNames
($.deviceNames.type
must be unique within$.deviceNames
)in case of error - return 422 ('Values are not unique by 'type'.)
Service logic
Update records in device_definition_names table in PRM DB for device_definition_id =
$.id
, set values:type =
$.deviceName.type
name =
$.deviceName.name
inserted_at = now() (only for new records)
updated_by = user_id from token (only for new records)
updated_at = now()
updated_by = user_id from token
Update records for device_definitions table in PRM DB
updated_at = now()
updated_by = user_id from token
Render a response according to specification.