RC-[NEW] Get Device dispenses by search params in patient context

Purpose

This method intended to get all Device dispenses in patient context.

Specification

Apiary

Authorization

• Verify the validity of access token

  • Return (401, 'Invalid access token') in case of validation fails

• Verify that token is not expired

  • in case of error - return (401, 'Invalid access token')

• Check user scopes in order to perform this action (scope = 'device_dispense:read')

  • Return (403, 'Your scope does not allow to access this resource. Missing allowances: device_dispense:read') in case of invalid scope(s)

Access to the resource is also managed by RC-[UPD] ABAC rulesarchived.

Service logic

Service returns all Device dispenses related to the person filtered by submitted parameters:

1. Get all Device dispenses by person_id from device_dispenses collection (Mongo database)

2. Validate data consistency:

   • Ensure that requested Device dispenses have ABAC context

     • Return 403 ('Access denied') in case of error

3. Filter list above by submitted search parameters

4. Render a response according to specification with found Device dispenses entities.