ЕСОЗ - публічна документація

(GraphQL) Search Forbidden groups by params

Owned by Nickolay Kolotov (SoE eHealth)
Last updated: Jul 27, 2024 by Serhii Boldin (SoE eHealth)
4 min read

Purpose

This WS allows to find groups in Admin panel using search params. Groups can be found by group params and/or by item params

Key points

  1. This is a graphQl query method used in Administration panel only

  2. Only authenticated and authorized NHS employee with appropriate scope can search Forbidden groups.

 

Specification

Document status

PROD

 

Link

API paragraph not found

Посилання на Apiary або Swagger

Resource

/graphql

Посилання на ресурс, наприклад: /api/persons/create

Scope

forbidden_group:details

Scope для доступу

Components

API paragraph not found

Зазначається перелік бізнес компонентів, які використовують цей метод, наприклад: ePrescription

Microservices

API paragraph not found

Перелік мікросервісів, які використовує метод API, наприклад: Auth, ABAC

Protocol type

API paragraph not found

Тип протоколу, який використовується запитом, наприклад: SOAP | REST

Request type

API paragraph not found

Тип запиту API, наприклад: GET, POST, PATCH…

Sync/Async

API paragraph not found

Метод є синхронним чи асинхронним?

Public/Private/Internal

API paragraph not found

Потрібно зазначити тип методу за ступенем доступності

""" Fields to filter forbidden groups in the system. """ input ForbiddenGroupFilter { "Checks for equality with the object’s `databaseId` field." databaseId: UUID "Checks for matching with the object’s `name` field." name: String "Checks for equality with the object’s `isActive` field." isActive: Boolean "Forbidden group service filter" forbiddenGroupService: ForbiddenGroupServiceFilter "Forbidden group code filter" forbiddenGroupCode: ForbiddenGroupCodeFilter } """ Methods to use when ordering `ForbiddenGroup`. """ enum ForbiddenGroupOrderBy { "Orders by the object’s `insertedAt` field in the ascending order." INSERTED_AT_ASC "Orders by the object’s `insertedAt` field in the descending order." INSERTED_AT_DESC "Orders by the object’s `name` field in the ascending order." NAME_ASC "Orders by the object’s `name` field in the descending order." NAME_DESC } """ A connection to a list of `ForbiddenGroup` items. """ type ForbiddenGroupConnection { "Information to aid in pagination." pageInfo: PageInfo! "A list of nodes." nodes: [ForbiddenGroup] "A list of edges." edges: [ForbiddenGroupEdge] } """ An edge in a connection of `ForbiddenGroup`. """ type ForbiddenGroupEdge { "The item at the end of the edge." node: ForbiddenGroup! "A cursor for use in pagination." cursor: String! } """ ForbiddenGroup contains details about restricted codes, services and service groups included in medical events. In order to obtain details user must have a scope **forbidden_group:details** """ type ForbiddenGroup implements Node { "The ID of an object." id: ID! "Primary key identifier from the database." databaseId: UUID! "The name of the `ForbiddenGroup`." name: String! "The reason the `ForbiddenGroup` was created." creationReason: String! "The reason the `ForbiddenGroup` was deactivated." deactivationReason: String "Whether the `ForbiddenGroup` is active or not?" isActive: Boolean! "Date and time when record was inserted." insertedAt: DateTime! "Date and time when record was updated." updatedAt: DateTime! "Services and Service groups wich belong to ForbiddenGroup." forbiddenGroupServices( "A condition to be used in determining which values should be returned by the collection." filter: ForbiddenGroupServiceFilter "The method to use when ordering collection items." orderBy: ForbiddenGroupServiceOrderBy "Read all values in the set after (below) this cursor." after: String "Read all values in the set before (above) this cursor." before: String "Only read the first _n_ values of the set." first: Int "Only read the last _n_ values of the set." last: Int ): ForbiddenGroupServiceConnection! "Codes wich belong to ForbiddenGroup." forbiddenGroupCodes( "A condition to be used in determining which values should be returned by the collection." filter: ForbiddenGroupCodeFilter "The method to use when ordering collection items." orderBy: ForbiddenGroupCodeOrderBy "Read all values in the set after (below) this cursor." after: String "Read all values in the set before (above) this cursor." before: String "Only read the first _n_ values of the set." first: Int "Only read the last _n_ values of the set." last: Int ): ForbiddenGroupCodeConnection! }

 

Logic

Render a forbidden_groups array with nested arrays of forbidden_group_codes and forbidden_group_services that match the search params

 

Request structure

API paragraph not found

 

Authorize

  • Verify the validity of access token

    • in case of error - return 401 (“Invalid access token”) in case of validation fails

  • Verify that token is not expired

    • in case of error - return 401 (“Invalid access token”)

  • Check user scopes in order to perform this action (scope = 'forbidden_group:details')

    • return 403 (“Your scope does not allow to access this resource. Missing allowances: forbidden_group:details”) in case of invalid scope(s)

 

Headers

API paragraph not found

 

Request data validation

Validate legal entity

  • Extract client_id from token.

  • Check client scopes in order to perform this action (scope = 'forbidden_group:details')

    • in case of error - return 403 (“Your scope does not allow to access this resource. Missing allowances: forbidden_group:details)

  • Check legal entity status (status = ACTIVE)

    • In case of error - return 409 ('client_id refers to legal entity that is not active')

 

Processing

 Search with a few params performs according to the logical AND rule.

  1. id. Search by forbidden_groups.id (used to get group details)

  2. name. Search by forbidden_groups.name 

  3. is_active. Search by forbidden_groups.is_active

  4. item_code. Searches by:

    • services.code (forbidden_group_services join services)

    • service_groups.code (forbidden_group_services join service_groups)

    • forbidden_group_codes.code (for dictionaries)

  5. item_name. Searches by:

    • services.name (forbidden_group_services join services)

    • service_groups.name (forbidden_group_services join service_groups)

    • code description for dictionaries (forbidden_group_codes fc join dictionaries d on fc.system = d.name and fc.code = d.values.code)

  6. item_type (string). Limits the search to the following items:

    • service - search within service items

    • service_group - search within service_group items 

    • <system> - search within specified dictionary. Where <system> is eHealth/ICD10_AM/condition_codeseHealth/ICPC2/actionseHealth/ICPC2/condition_codes or eHealth/ICPC2/reasons dictionary name

  7. item_is_active. Searches by:

    • forbidden_group_services.is_active - for service/service_group

    • forbidden_group_codes.is_active - for dictionaries

 

Response structure

 API paragraph not found

Post-processing processes

 API paragraph not found

HTTP status code

API paragraph not found

ЕСОЗ - публічна документація