ЕСОЗ - публічна документація

[DRAFT] Deactivate employee role [API-005-007-004-0127]

 

Сторінка знаходиться в процесі розробки. Інформація на ній може бути застарілою.

https://e-health-ua.atlassian.net/wiki/spaces/EN/pages/17591304241 (remove the link block before publishing the document)

Properties of a REST API method document

Document type

Метод REST API

Document title

[Document status] REST API [Назва методу] [ID методу]

Guideline ID

GUI-0011

Author

@

Document version

1

Document status

DRAFT

Date of creation

ХХ.ХХ.ХХХХ (дата фінальної версії документа – RC або PROD)

Date of update

ХХ.ХХ.ХХХХ (дата зміни версії)

Method API ID

API-005-007-004-0127

Microservices (namespace)

IL

Component

Employees

Component ID

COM-005-007

Link на API-специфікацію

https://ehealthmisapi1.docs.apiary.io/#reference/public.-medical-service-provider-integration-layer/employee-roles/deactivate-employee-role

Resource

{{host}}api/employee_roles/{{id}}/actions/deactivate

Scope

employee_role:write

Protocol type

REST

Request type

PATCH

Sync/Async

Sync

Public/Private

Public

Purpose

This method allows to deactivate a previously added employee role

Logic

  1. Only authenticated and authorized user can use this service

  2. Only ACTIVE employee role can be deactivated

  3. Legal entity can deactivate only its own employee roles

Configuration parameters

Description of the configuration parameters that are used when processing a request in the system

Dictionaries

Provides a list of links to dictionaries that are available in Confluence

Input parameters

Input parameter

Mandatory

Type

Description

Example

Input parameter

Mandatory

Type

Description

Example

1

id

 

String

Employee role identifier.

Optional

d290f1ee-6c54-4b01-90e6-d701748f0851

2

 

 

 

 

 

Request structure

See on API-specification

Headers

Key

Value

Mandatory

Description

Example

Key

Value

Mandatory

Description

Example

1

 

 

 

 

 

2

 

 

 

 

 

3

 

 

 

 

 

Request data validation

Authorize

  1. Verify the validity of access token

    1. Return 401 in case validation fails

  2. Check scopes in order to perform this action (scope = 'employee_role:write')

    1. Return 403 in case invalid scope(s)

Validate legal entity

Check that legal entity is active (status = ACTIVE, SUSPENDED)

  1. Extract client_id from token (token.client_id == legal_entity_id)

  2. Check legal entity status (status = ACTIVE, SUSPENDED)

    1. In case of error - return 409 (Legal entity must be ACTIVE or SUSPENDED)

Validate employee role

  1. Check that employee role with such ID exists in the system (is_active = true)

    1. In case of error - return 404

  2. Check that employee role belongs to the same legal entity as the user

    1. In case of error - return 403

Validate transition

Only ACTIVE employee role can be deactivated

Available transitions

  1. ACTIVE → INACTIVE

In other cases - return 409 error ('{current_status} employee role cannot be DEACTIVATED')

 

Processing

Update object in DB

Parameter

Source

Description

Parameter

Source

Description

end_date

Timestamp: now()

Get current date-time

status

Const: INACTIVE

 

updated_at

Timestamp: now()

Get current date-time

updated_by

Token: user_id

 

Response structure examples

See on API-specification

{ "meta": { "code": 200, "url": "https://example.com/resource", "type": "object", "request_id": "6617aeec-15e2-4d6f-b9bd-53559c358f97#17810" }, "data": { "id": "7c3da506-804d-4550-8993-bf17f9ee0402", "healthcare_service_id": "98b6ed10-17b4-44f1-892c-7514f66bf505", "employee_id": "9d229fcb-6a77-4574-99a5-30729aa518fd", "start_date": "2019-04-20T19:14:13Z", "end_date": "2017-12-20T19:14:13Z", "status": "INACTIVE", "is_active": true, "inserted_at": "2017-04-20T19:14:13Z", "inserted_by": "e1453f4c-1077-4e85-8c98-c13ffca0063e", "updated_at": "2017-04-20T19:14:13Z", "updated_by": "2922a240-63db-404e-b730-09222bfeb2dd" } }

HTTP status codes

Response code

HTTP Status code

Message

Internal name

Description

Response code

HTTP Status code

Message

Internal name

Description

1

Базові

2

 

200

 Response

 

 

3

 

401

 Invalid access token

 

 

4

 

403

 Check that employee role belongs to the same legal entity as the user failed

 

 

5

 

403

Invalid scope(s)

 

 

6

 

404

Validation error

 

 

7

 

409

Legal entity must be ACTIVE or SUSPENDED

 

 

8

 

409

 Validation error

 

 

9

Специфічні

10

 

 

 

 

 

Post-processing processes

Description of actions performed on data after processing

Technical modules where the method is used

List of pages describing technical modules where the method is used

 

ЕСОЗ - публічна документація