ЕСОЗ - публічна документація
(GraphQL) Deactivate Forbidden group
- Nickolay Kolotov (SoE eHealth)
- Serhii Boldin (SoE eHealth)
- Dmytro Omelchenko (SoE eHealth)
Purpose
This WS allows to deactivate forbidden group from Admin panel. The group will be deactivated with the all included items.
Key points
This is a graphQl method used in Administration panel only
Only authenticated and authorized NHS employee with appropriate scope can deactivate a Forbidden group.
Forbidden group should be deactivated with DS.
Only active groups can be deactivated.
If deactivate a group than all included items deactivates too
Specification
Document status | PROD |
|
Resource | /graphql | Посилання на Apiary або Swagger |
Link | API paragraph not found | Посилання на ресурс, наприклад: /api/persons/create |
Scope | forbidden_group:write | Scope для доступу |
Components | API paragraph not found | Зазначається перелік бізнес компонентів, які використовують цей метод, наприклад: ePrescription |
Microservices | API paragraph not found | Перелік мікросервісів, які використовує метод API, наприклад: Auth, ABAC |
Protocol type | API paragraph not found | Тип протоколу, який використовується запитом, наприклад: SOAP | REST |
Request type | API paragraph not found | Тип запиту API, наприклад: GET, POST, PATCH… |
Sync/Async | API paragraph not found | Метод є синхронним чи асинхронним? |
Public/Private/Internal | Private | Потрібно зазначити тип методу за ступенем доступності |
Logic
Save signed content to media storage
Update data:
forbidden_groups table
set is_active = false
set deactivation_reason = $.deactivation_reason
set updated_at, updated_by
Deactivate each active item in the group. Set item deactivation_reason = group deactivation_reason
Request structure
API paragraph not found
Authorize
Verify the validity of access token
in case of error - return 401 (“Invalid access token”) in case of validation fails
Verify that token is not expired
in case of error - return 401 (“Invalid access token”)
Check user scopes in order to perform this action (scope = 'forbidden_group:write')
return 403 (“Your scope does not allow to access this resource. Missing allowances: forbidden_group:write”) in case of invalid scope(s)
Headers
API paragraph not found
Request data validation
Validate legal entity
Extract client_id from token.
Check client scopes in order to perform this action (scope = 'forbidden_group:write')
in case of error - return 403 (“Your scope does not allow to access this resource. Missing allowances: forbidden_group:write”)
Check legal entity status (status = ACTIVE)
In case of error - return 409 ('client_id refers to legal entity that is not active')
Validate Digital Sign
Validate request is signed
in case of error - return 422 (“document must be signed by 1 signer but contains 0 signatures”)
Check DS is valid and not expired
Validate that DS belongs to the user
Check that DRFO from DS and party.tax_id matches
in case of error - return 409 (“Signer DRFO doesn't match with requester tax_id“)
Validate request
Check
forbidden_group_idsubmittedin case not submitted - return 422 ('required property forbidden_group_id was not present')
in case not exist or not active - return 404 ('not found')
Check
deactivation_reasonsubmittedin case of error - return 422 ('required property deactivation_reason was not present')
Processing
API paragraph not found
Response structure
API paragraph not found
Post-processing processes
API paragraph not found
HTTP status codes
API paragraph not found
ЕСОЗ - публічна документація