/wiki/spaces/EN/pages/17591304241 (remove the link block before publishing the document)

• Properties of a REST API method document

• Purpose

• Logic

• Configuration parameters

• Dictionaries

• Input parameters

• Request structure

• Headers

• Request data validation

• Processing

• Response structure examples

• HTTP status codes

• Post-processing processes

• Technical modules where the method is used

Properties of a REST API method document

Purpose

This WS is designed to obtain a declaration list by a patient in a cabinet

Logic

N/A

Configuration parameters

N/A

Dictionaries

• POSITION

• LEGAL_FORM

• DIVISION_TYPE

• DIVISION_STATUS

Input parameters

Request structure

See on API-specification

Headers

Headers

Request data validation

Authorize

• Verify the validity of access token

  • Return 401 in case validation fails

• Check user scopes in order to perform this action (scope = ''declaration:read")

  1. Return 403 in case invalid scope(s) - "Your scope does not allow to access this resource. Missing allowances: declaration:read"

Authorize

• Verify the validity of access token

  • Return 401 in case validation fails

• Check user scopes in order to perform this action (scope = ''declaration:read")

  1. Return 403 in case invalid scope(s) - "Your scope does not allow to access this resource. Missing allowances: declaration:read"

Validate user

• Extract party_user (user_id) from token.

• Check if party_user=$.declarations.person_id

  • in case error return 403

• check person.tax_id=users.tax_id

  • in case error return 401 - access denied

• Check users password is not expired

  • in case error return 401 - password expired

• Check if users.is_blocked = false

  • in case error return 401 - access denied

Processing

N/A

Response structure examples

See on API-specification

{
  "meta": {
    "code": 200,
    "url": "https://example.com/resource",
    "type": "object",
    "request_id": "6617aeec-15e2-4d6f-b9bd-53559c358f97#17810"
  },
  "data": [
    {
      "id": "b075f148-7f93-4fc2-b2ec-2d81b19a9b7b",
      "declaration_number": "0000-12H4-245D",
      "start_date": "2017-03-02",
      "status": "active",
      "person": {
        "id": "b075f148-7f93-4fc2-b2ec-2d81b19a9b7b",
        "first_name": "Петро",
        "last_name": "Іванов",
        "second_name": "Миколайович"
      },
      "employee": {
        "id": "d290f1ee-6c54-4b01-90e6-d701748f0851",
        "position": "P6",
        "party": {
          "id": "b075f148-7f93-4fc2-b2ec-2d81b19a9b7b",
          "first_name": "Петро",
          "last_name": "Іванов",
          "second_name": "Миколайович"
        }
      },
      "legal_entity": {
        "id": "d290f1ee",
        "name": "Клініка Ноунейм",
        "short_name": "Ноунейм",
        "legal_form": "140",
        "edrpou": "5432345432"
      },
      "division": {
        "id": "d290f1ee-6c54-4b01-90e6-d701748f0851",
        "name": "Бориспільське відділення Клініки Ноунейм",
        "type": "clinic",
        "status": "ACTIVE",
        "dls_id": "2872985",
        "dls_verified": true
      }
    }
  ],
  "paging": {
    "page_number": 2,
    "page_size": 50,
    "total_entries": 1000,
    "total_pages": 23
  }
}

HTTP status codes

Post-processing processes

N/A

Technical modules where the method is used