ЕСОЗ - публічна документація

RC-[UPD] Get Device requests by search params

Purpose

This WS is designed to return records about Device requests in person context by search params.

Specification

Apiary

Authorization

  • Verify the validity of access token

    • Return (401, 'Invalid access token') in case of validation fails

  • Verify that token is not expired

    • in case of error - return (401, 'Invalid access token')

  • Check user scopes in order to perform this action (scope = 'device_request:read')

    • Return (403, 'Your scope does not allow to access this resource. Missing allowances: device_request:read') in case of invalid scope(s)

Access to the resource is also managed by RC-[UPD] ABAC rulesarchived.

Service logic

Service returns all Device requests related to the person filtered by submitted parameters:

  1. Get all Device requests by person_id from device_requests collection (Mongo database)

  2. Validate data consistency:

    • Ensure that requested Device requests have ABAC context

      • Return 403 ('Access denied') in case of error

  3. Filter list above by submitted search parameters

  4. Render a response according to specification with found Device requests entities.

ЕСОЗ - публічна документація