Purpose
This service is designed to obtain list of merge requests by NHS user.
Overview
- only employee with scope "merge_request:read" can get list of merge_requests
- list of merge_requests can be ordered
Specification
"""
Methods to use when ordering `Merge Request`.
"""
enum MergeRequestOrderBy {
"Sort Person by inserted at in ascending order."
INSERTED_AT_ASC
"Sort Person by inserted at in descending order."
INSERTED_AT_DESC
"Sort Person by birth date in ascending order."
STATUS_ASC
"Sort Person by birth date in descending order."
STATUS_DESC
}
"""
A connection to a list of `MergeRequest` values.
"""
type MergeRequestConnection {
"Information to aid in pagination."
pageInfo: PageInfo!
"Flag which shows whether NEW merge candidate can be assigned to the User"
canAssignNew: Boolean!
"A list of nodes."
nodes: [MergeRequest]
"A list of edges."
edges: [MergeRequestEdge]
}
"""
Reads and enables pagination through a set of `MergeRequest`.
"""
type MergeRequestEdge {
"The item at the end of the edge."
node: MergeRequest!
"A cursor for use in pagination."
cursor: String!
}
"""
Return type for `assignMergeCandidate` mutation.
"""
type AssignMergeCandidatePayload {
"Information of pair of persons which can be same."
mergeRequest: MergeRequest!
}
"""
Input for `updateMergeRequest` mutation.
In order to update status user must have a scope `merge_request:write`
"""
input UpdateMergeRequestInput {
"Primary key identifier from the database"
id: ID!
"next status of merge request"
status: MergeRequestStatus!
"comment which user can leave"
comment: String
}
"""
Return type for `updateMergeRequest` mutation.
"""
type UpdateMergeRequestPayload {
"Information of pair of persons which can be same."
mergeRequest: MergeRequest!
}
"""
This is Merge Request details. In order to obtain details user must have a scope **merge_request:read**
"""
type MergeRequest implements Node {
"The ID of an object"
id: ID!
"Primary key identifier from the database"
databaseId: UUID!
"The pair of persons which is considerated to be the same person"
manualMergeCandidate: ManualMergeCandidate!
"status of merge request"
status: MergeRequestStatus!
"comment which user can leave"
comment: String
"Technical information when the patient was inserted into the DB."
insertedAt: DateTime!
"Technical information when the patient was updated in the DB."
updatedAt: DateTime!
}
"""
List of MergeRequest statuses.
"""
enum MergeRequestStatus {
"Status `MERGE` for a merge request"
MERGE
"Status `NEW` for a merge request"
NEW
"Status `POSTPONE` for a merge request"
POSTPONE
"Status `SPLIT` for a merge request"
SPLIT
"Status `TRASH` for a merge request"
TRASH
}
"""
Information about Manual Merge Candidate.
"""
type ManualMergeCandidate {
"The ID of an object"
id: ID!
"Primary key identifier from the database"
databaseId: UUID!
"The pair of persons which is considerated to be the same person"
mergeCandidate: MergeCandidate!
"status of merge candidate"
status: ManualMergeCandidateStatus
"Technical information when the patient was inserted into the DB."
insertedAt: DateTime!
"Technical information when the patient was updated in the DB."
updatedAt: DateTime!
}
"""
Information about Merge Candidate.
"""
type MergeCandidate {
"The ID of an object"
id: ID!
"Primary key identifier from the database"
databaseId: UUID!
"The person wich will be deactivated"
person: Person!
"The person wich will remain"
masterPerson: Person!
}
"""
List of Merge candidate statuses
"""
enum ManualMergeCandidateStatus {
"Status `NEW` for a merge request"
NEW
"Status `PROCESSED` for a merge request"
PROCESSED
}
Validation
Validate token
- Verify the validity of access token
- Return 401 in case validation fails
- token is not expired
- Validate client_id is NHS
- check client type is NHS
- in case of error rerun forbidden error (Client is not allowed to the action')
Validate scopes
- Check user scopes in order to perform this action (scope = 'merge_request:read')
- Return forbidden in case invalid scope(s) -"Your scope does not allow to access this resource. Missing allowances: merge_request:read"
Verify user and role
Extract from token:
- Validate client_id (is_blocked=false)
- in case of error return 403 Error ('Client is blocked')
- Check user_roles by client_id
- check whether exist role NHS_REVIEWER
- in case of error return 403 Error ('User doesn't have required role')
- Validate client_id is NHS
- check client type is NHS
- in case of error rerun forbidden error (Client is not allowed to the action')
Validate context
Return response to user limited by context from user's token
- return limited response by manual_merge_requests.assignee_id=$user_id and manual_merge_requests.status in ('NEW', 'POSTPONE')
Response
If no contract request found return 200 and empty array