RC_Deactivate Medical program (Admin CDB)

Purpose

This WS allows to deactivate existing medical program

Key points

1. This is a graphQl method used in Administration panel only

2. Only authenticated and authorized NHS employee with appropriate scope can deactivate a Medical program.

Specification

Authorization

• Verify the validity of access token

  • in case of error - return 401 (“Invalid access token”) in case of validation fails

• Verify that token is not expired

  • in case of error - return 401 (“Invalid access token”)

• Check user scopes in order to perform this action (scope = 'medical_program:write')

  • return 403 (“Your scope does not allow to access this resource. Missing allowances: medical_program:write”) in case of invalid scope(s)

Validate legal entity

• Extract client_id from token.

• Check client scopes in order to perform this action (scope = 'medical_program:write')

  • in case of error - return 403 (“Your scope does not allow to access this resource. Missing allowances: medical_program:write”)

• Check type = NHS

  • in case of error - return 403 ('You don’t have permission to access this resource')

Validate medical program ID

1. Check id exists in DB

   1. in case of error - return 404 ('not_found')

Validate related program medications

For each related program medication:

1. Check it has is_active=true

   1. in case of error - return 409 ('This program has active participants. Only medical programs without participants can be deactivated')

Service logic

For the medical program entity set:

1. is_active = false

2. updated_by = current user (from token)

3. updated_at = current date and time