ЕСОЗ - public documentation

RC_(CSI-1323)_Reject Person Request v2

Purpose

This WS is designed to reject a previously created Person Request.

Key points

  1. Only an authenticated and authorized user with the appropriate scope can reject a Person Request.

  2. A person request in New or Approved status can be rejected.

  3. The service returns only a person request related to the same legal entity as the user.

Main differences from V1

  1. Confidant_person in response is an object, not an array.

  2. Confidant person details in the response are limited to person_id and documents_relationship.

Specification

Apiary

Authorization

  1. Verify the validity of the access token

    • in case of error (validation fails) - return 401 (“Invalid access token”)

  2. Verify that the token is not expired

    • in case of error - return 401 (“Invalid access token”)

  3. Check that the user has the scope required to perform this action (scope = 'person_request:write')

    • return 403 (“Your scope does not allow to access this resource. Missing allowances: person_request:write”) in case of invalid scope(s)

Validations

Validate person request

  1. Check that a person request with this ID exists in the system

    1. In case of error - return 404 ('Person request not found')

  2. Check that the person request belongs to the same legal entity as the user

    1. In case of error - return 403 ('Client is not allowed to reject person_request')

Validate status transition

Only a person request in NEW or APPROVED status can be rejected.

  • Check that the person request from the URL has status = NEW or APPROVED

    • in case of error - return 409 ('Invalid transition')

Validate backwards compatibility

This WS can reject only person requests that were created by the https://e-health-ua.atlassian.net/wiki/spaces/CSI/pages/17613193262 method or approved by the https://e-health-ua.atlassian.net/wiki/spaces/CSI/pages/17613422676 method.

  • Check that person_request.version field is equal to 2

    • in case of error - return 422 ('Person request cannot be processed by the version 2 of the service, use version 1 instead')

Service logic

  1. Change entity status in IL_DB.person_request to REJECTED

  2. Set updated_at - now() (Get current date-time)

  3. Set updated_by - user_id (Extract user from token).
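
The authorization, validation and service-logic steps above, in the order the page lists them, as an added sketch that is not the ЕСОЗ implementation. The decoded-token dict, the in-memory `db` standing in for IL_DB.person_request, the sample records and the 200 success code are assumptions made for this example.

```python
from datetime import datetime, timedelta, timezone

REQUIRED_SCOPE = "person_request:write"
REJECTABLE = {"NEW", "APPROVED"}

def reject_person_request(token, request_id, db, now=None):
    """Return (http_status, message). db[request_id] changes only on success.

    token is an assumed, already-decoded token dict; db is an in-memory
    stand-in for IL_DB.person_request.
    """
    now = now or datetime.now(timezone.utc)
    # Authorization 1-2: token must be valid and not expired.
    if not token or not token.get("valid") or token["expires_at"] <= now:
        return 401, "Invalid access token"
    # Authorization 3: scope check.
    if REQUIRED_SCOPE not in token["scopes"]:
        return 403, ("Your scope does not allow to access this resource. "
                     "Missing allowances: " + REQUIRED_SCOPE)
    # Validate person request: existence, then legal entity ownership.
    pr = db.get(request_id)
    if pr is None:
        return 404, "Person request not found"
    if pr["legal_entity_id"] != token["legal_entity_id"]:
        return 403, "Client is not allowed to reject person_request"
    # Validate status transition.
    if pr["status"] not in REJECTABLE:
        return 409, "Invalid transition"
    # Validate backwards compatibility.
    if pr["version"] != 2:
        return 422, ("Person request cannot be processed by the version 2 "
                     "of the service, use version 1 instead")
    # Service logic: status, updated_at, updated_by.
    pr.update(status="REJECTED", updated_at=now, updated_by=token["user_id"])
    return 200, "REJECTED"  # success code is an assumption; the page gives none

# Constructed sample data (not real records).
NOW = datetime(2024, 1, 1, tzinfo=timezone.utc)

def sample_token(**overrides):
    token = {"valid": True, "expires_at": NOW + timedelta(hours=1),
             "scopes": [REQUIRED_SCOPE], "user_id": "user-1",
             "legal_entity_id": "le-1"}
    return {**token, **overrides}

def sample_db():
    return {"pr-1": {"status": "NEW", "version": 2, "legal_entity_id": "le-1"},
            "pr-2": {"status": "REJECTED", "version": 2, "legal_entity_id": "le-1"},
            "pr-3": {"status": "APPROVED", "version": 1, "legal_entity_id": "le-1"},
            "pr-4": {"status": "NEW", "version": 2, "legal_entity_id": "le-2"}}
```

With the page's check order, an ID that belongs to another legal entity yields 403 while an unknown ID yields 404, so the two responses are distinguishable to any caller holding the scope.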
