RC_[NEW] Get Devices by search params

Purpose

This method intended to get all Devices in patient context by params

Specification

Apiary

Authorization

• Verify the validity of access token

  • Return (401, 'Invalid access token') in case of validation fails

• Verify that token is not expired

  • in case of error - return (401, 'Invalid access token')

• Check user scopes in order to perform this action (scope = 'device:read')

  • Return (403, 'Your scope does not allow to access this resource. Missing allowances: device:read') in case of invalid scope(s)

Access to the resource is also managed by ABAC rules.

Validations

Validate Patient

• Get Person identifier from the URL

  • Check it exists in DB

    • Return 404 ('not_found') in case of error

Service logic

Service returns specified all Devices in patient context:

• Get data from devices (MongoDB)

• Filter list above by submitted search parameters

  • It must be allowed to pass multiple comma-separated values for some query parameters:

    • type

    • definition

    • status

• Sorting by inserted_at desc

• Render a response according to specification.