ЕСОЗ - публічна документація
RC_CSI-1323_(GraphQl) Create Employee request
Purpose
This WS is designed to allow NHS employee with appropriate scopes to create employee request.
Key points
This is a graphQl query method used in Administration panel only.
Only authenticated and authorized employee with appropriate scope can create employee request.
Employee request content should be signed with DS.
Specification
Authorization
Verify the validity of access token
in case of error - return 401 (“Invalid access token”) in case of validation fails
Verify that token is not expired
in case of error - return 401 (“Invalid access token”)
Check user scopes in order to perform this action (scope = 'employee_request:write')
return 403 (“Your scope does not allow to access this resource. Missing allowances: employee_request:write”) in case of invalid scope(s)
Validations
Validate legal entity
Extract client_id from token.
Check legal entity status (status = ACTIVE)
In case of error - return 409 ('client_id refers to legal entity that is not active')
Validate Digital Sign
Validate request is signed
in case of error - return 422 (“document must be signed by 1 signer but contains 0 signatures”)
Check DS is valid and not expired
Validate that DS belongs to the user
Check that DRFO from DS and party.tax_id matches
in case of error - return 409 (“Signer DRFO doesn't match with requester tax_id“)
Validate request
Check if employee type is allowed for legal_entity type
Validate request using schemata
In case validation fails - generate 422 error
Validate party
first_name, last_name, second_name have the same validation pattern - `^(?!.*[ЫЪЭЁыъэё@%&$^#])[А-ЯҐЇІЄа-яґїіє’\\'\\- ]+$`
validate birth_date
birth_date > 1900-01-01 and birth_date < current date
birth_date has validation pattern - `^(\\d{4}(?!\\d{2}\\b))((-?)((0[1-9]|1[0-2])(\\3([12]\\d|0[1-9]|3[01]))?|W([0-4]\\d|5[0-2])(-?[1-7])?|(00[1-9]|0[1-9]\\d|[12]\\d{2}|3([0-5]\\d|6[1-6])))?)?$`
gender has one of the following values - "FEMALE", "MALE"
validate tax_id
tax_id has validation pattern - `^([0-9]{9,10}|[А-ЯЁЇIЄҐ]{2}\\d{6})$`
email has validation pattern - `^[\\w!#$%&'*+/=?`{|}~^-]+(?:\\.[\\w!#$%&'*+/=?`{|}~^-]+)*@(?:[A-Z0-9-]+\\.)+[A-Z]{2,6}$`
validate documents
documents.type has one of the DOCUMENT_TYPE dictionary values
documents.type exists in IDENTITY_DOCUMENT_TYPES config parameter
validate documents.issued_at
documents.issued_at has validation pattern - `^(\\d{4}(?!\\d{2}\\b))((-?)((0[1-9]|1[0-2])(\\3([12]\\d|0[1-9]|3[01]))?|W([0-4]\\d|5[0-2])(-?[1-7])?|(00[1-9]|0[1-9]\\d|[12]\\d{2}|3([0-5]\\d|6[1-6])))?)?$`
validate phones
phones.type has one of the PHONE_TYPE dictionary values
phones.number has validation pattern - `^\\+38[0-9]{10}$`
Service Logic
Create employee request in IL DB table - employee_request.
generate GUID and write in id column
write JSON object with employee request details
Send activation link on email
Generate invitation link, which contains Employee request GUID
Send invitation URL on user email
ЕСОЗ - публічна документація