REST API method / Метод REST API (настанова) (remove the link block before publishing the document)

• Properties of a REST API method document

• Purpose

• Logic

• Configuration parameters

• Dictionaries

• Input parameters

• Request structure

• Headers

• Request data validation

• Processing

• Response structure examples

• HTTP status codes

• Post-processing processes

• Technical modules where the method is used

Properties of a REST API method document

Purpose

This WS is designed to obtain a declaration list by a patient in a cabinet

Logic

Description of the working algorithm of the API method and the interaction of services with each other add Service logic (if necessary)

Configuration parameters

Description of the configuration parameters that are used when processing a request in the system

Dictionaries

• POSITION

• LEGAL_FORM

• DIVISION_TYPE

• DIVISION_STATUS

Input parameters

Request structure

See on API-specification

Headers

Request data validation

Authorize

• Verify the validity of access token

  • Return 401 in case validation fails

• Check user scopes in order to perform this action (scope = ''declaration:read")

  1. Return 403 in case invalid scope(s) - "Your scope does not allow to access this resource. Missing allowances: declaration:read"

Validate user

• Extract party_user (user_id) from token.

• Check if party_user=$.declarations.person_id

  • in case error return 403

• check person.tax_id=users.tax_id

  • in case error return 401 - access denied

• Check users password is not expired

  • in case error return 401 - password expired

• Check if users.is_blocked = false

  • in case error return 401 - access denied

Processing

A list of processes related to receiving, changing or transmitting data according to the logic defined in the REST API

Response structure examples

See on API-specification

{
  "meta": {
    "code": 200,
    "url": "https://example.com/resource",
    "type": "object",
    "request_id": "6617aeec-15e2-4d6f-b9bd-53559c358f97#17810"
  },
  "data": [
    {
      "id": "b075f148-7f93-4fc2-b2ec-2d81b19a9b7b",
      "declaration_number": "0000-12H4-245D",
      "start_date": "2017-03-02",
      "status": "active",
      "person": {
        "id": "b075f148-7f93-4fc2-b2ec-2d81b19a9b7b",
        "first_name": "Петро",
        "last_name": "Іванов",
        "second_name": "Миколайович"
      },
      "employee": {
        "id": "d290f1ee-6c54-4b01-90e6-d701748f0851",
        "position": "P6",
        "party": {
          "id": "b075f148-7f93-4fc2-b2ec-2d81b19a9b7b",
          "first_name": "Петро",
          "last_name": "Іванов",
          "second_name": "Миколайович"
        }
      },
      "legal_entity": {
        "id": "d290f1ee",
        "name": "Клініка Ноунейм",
        "short_name": "Ноунейм",
        "legal_form": "140",
        "edrpou": "5432345432"
      },
      "division": {
        "id": "d290f1ee-6c54-4b01-90e6-d701748f0851",
        "name": "Бориспільське відділення Клініки Ноунейм",
        "type": "clinic",
        "status": "ACTIVE",
        "dls_id": "2872985",
        "dls_verified": true
      }
    }
  ],
  "paging": {
    "page_number": 2,
    "page_size": 50,
    "total_entries": 1000,
    "total_pages": 23
  }
}

HTTP status codes

Post-processing processes

Description of actions performed on data after processing

Technical modules where the method is used

List of pages describing technical modules where the method is used