ЕСОЗ - публічна документація
(GraphQL) Deactivate Rule engine rule
- Oleg Brizhatiy
- Serhii Boldin (SoE eHealth)
Purpose
This WS allows to deactivate rule engine rule from Admin panel.
Key points
This is a graphQl method used in Administration panel only.
Only authenticated and authorized NHS employee with appropriate scope can deactivate a rule engine rule.
Rule engine rule should be deactivated with DS.
Only active rule engine rule can be deactivated.
Specification
Link | API paragraph not found | Посилання на Apiary або Swagger |
Resource | API paragraph not found | Посилання на ресурс, наприклад: /api/persons/create |
Scope | rule_engine_rule:write | Scope для доступу |
Components | API paragraph not found | Зазначається перелік бізнес компонентів, які використовують цей метод, наприклад: ePrescription |
Microservices | API paragraph not found | Перелік мікросервісів, які використовує метод API, наприклад: Auth, ABAC |
Protocol type | API paragraph not found | Тип протоколу, який використовується запитом, наприклад: SOAP | REST |
Request type | API paragraph not found | Тип запиту API, наприклад: GET, POST, PATCH… |
Sync/Async | API paragraph not found | Метод є синхронним чи асинхронним? |
Public/Private/Internal | API paragraph not found | Потрібно зазначити тип методу за ступенем доступності |
Logic
Save signed content to media storage
Update data:
rule_engine_rules collection
set is_active = false
set deactivation_reason = $.deactivation_reason
set updated_at, updated_by
Authorize
Verify the validity of access token
in case of error - return 401 (“Invalid access token”) in case of validation fails
Verify that token is not expired
in case of error - return 401 (“Invalid access token”)
Check user scopes in order to perform this action (scope = 'rule_engine_rule:write')
return 403 (“Your scope does not allow to access this resource. Missing allowances: rule_engine_rule:write”) in case of invalid scope(s)
Headers
API paragraph not found
Request data validation
Validate legal entity
Extract client_id from token.
Check client scopes in order to perform this action (scope = 'rule_engine_rule:write')
in case of error - return 403 (“Your scope does not allow to access this resource. Missing allowances: rule_engine_rule:write”)
Check client type (type = NHS)
In case of error - return 403 ('You don't have permission to access this resource')
Check legal entity status (status = ACTIVE)
In case of error - return 409 ('client_id refers to legal entity that is not active')
Validate Digital Sign
Validate request is signed
in case of error - return 422 (“document must be signed by 1 signer but contains 0 signatures”)
Check DS is valid and not expired
Validate that DS belongs to the user
Check that EDRPOU from DS and legal_entities.edrpou of client_id matches
in case of error - return 409 (“Signer edrpou doesn’t match with requester edrpou”)
Check that DRFO from DS and party.tax_id matches
in case of error - return 422 (“Does not match the signer drfo“)
Validate request
Check
rule_idsubmittedin case not submitted - return 422 ('required property rule_id was not present')
in case not exist or not active - return 404 ('not found')
Check
deactivation_reasonsubmittedin case of error - return 422 ('required property deactivation_reason was not present')
Processing
API paragraph not found
Response structure
API paragraph not found
Post-processing processes
API paragraph not found
HTTP status codes
API paragraph not found
ЕСОЗ - публічна документація