ЕСОЗ - публічна документація

Skip to end of banner Go to start of banner

Get Contract by ID

Skip to end of metadata

Created by Bogdana Konovalenko (Unlicensed) on Apr 25, 2018

Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Purpose

This web service is designed to obtain full information about contract by

Overview

only nhs employee with scopes contract:read can see details of contract

Specification

Apiary

Validation

Validate token

Verify the validity of access token
- Return 401 in case validation fails
token is not expired
- in case error return 401

Validate scopes

Check user scopes in order to perform this action (scope = 'contract:read')
1. Return 403 in case invalid scope(s)

Validate employee

extract user_id from token

extract client_id from token

Check if user is active
- in case error return 403 - (user is not active)
check nhs_legal_entity is active
- in case error return 403 - (Client is not active)

Validate context

extract client_id from token. LE employee can see only this legal entities contracts. NHS employee can see any contracts.

if TOKENS_TYPES_PERSONAL
- Check client_id = contracts.contractor_legal_entity_id
  - in case error return 403 "You are not allowed to view this contract"

Validate data

Validate contract id. Check contract.id = $.id
- in case error return 404 ("Contract with id=$id doesn't exist")

Responses

No labels

ЕСОЗ - публічна документація