ЕСОЗ - публічна документація

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

Purpose

This WS allows to find groups in Admin panel using search params. Groups can be found by group params and/or by item params

Key points

  1. This is a graphQl query method used in Administration panel only

  2. Only authenticated and authorized NHS employee with appropriate scope can search Forbidden groups.

Specification

"""
Fields to filter forbidden groups in the system.
"""
input ForbiddenGroupFilter {
  "Checks for equality with the object’s `databaseId` field."
  databaseId: UUID
  "Checks for matching with the object’s `name` field."
  name: String
  "Checks for equality with the object’s `isActive` field."
  isActive: Boolean
  "Forbidden group service filter"
  forbiddenGroupService: ForbiddenGroupServiceFilter
  "Forbidden group code filter"
  forbiddenGroupCode: ForbiddenGroupCodeFilter
}

"""
Methods to use when ordering `ForbiddenGroup`.
"""
enum ForbiddenGroupOrderBy {
  "Orders by the object’s `insertedAt` field in the ascending order."
  INSERTED_AT_ASC
  "Orders by the object’s `insertedAt` field in the descending order."
  INSERTED_AT_DESC
  "Orders by the object’s `name` field in the ascending order."
  NAME_ASC
  "Orders by the object’s `name` field in the descending order."
  NAME_DESC
}

"""
A connection to a list of `ForbiddenGroup` items.
"""
type ForbiddenGroupConnection {
  "Information to aid in pagination."
  pageInfo: PageInfo!
  "A list of nodes."
  nodes: [ForbiddenGroup]
  "A list of edges."
  edges: [ForbiddenGroupEdge]
}

"""
An edge in a connection of `ForbiddenGroup`.
"""
type ForbiddenGroupEdge {
  "The item at the end of the edge."
  node: ForbiddenGroup!
  "A cursor for use in pagination."
  cursor: String!
}

"""
ForbiddenGroup contains details about restricted codes, services and service groups included in medical events.
In order to obtain details user must have a scope **forbidden_group:details**
"""
type ForbiddenGroup implements Node {
  "The ID of an object."
  id: ID!
  "Primary key identifier from the database."
  databaseId: UUID!
  "The name of the `ForbiddenGroup`."
  name: String!
  "The reason the `ForbiddenGroup` was created."
  creationReason: String!
  "The reason the `ForbiddenGroup` was deactivated."
  deactivationReason: String
  "Whether the `ForbiddenGroup` is active or not?"
  isActive: Boolean!
  "Date and time when record was inserted."
  insertedAt: DateTime!
  "Date and time when record was updated."
  updatedAt: DateTime!

  "Services and Service groups wich belong to ForbiddenGroup."
  forbiddenGroupServices(
    "A condition to be used in determining which values should be returned by the collection."
    filter: ForbiddenGroupServiceFilter
    "The method to use when ordering collection items."
    orderBy: ForbiddenGroupServiceOrderBy
    "Read all values in the set after (below) this cursor."
    after: String
    "Read all values in the set before (above) this cursor."
    before: String
    "Only read the first _n_ values of the set."
    first: Int
    "Only read the last _n_ values of the set."
    last: Int
  ): ForbiddenGroupServiceConnection!

  "Codes wich belong to ForbiddenGroup."
  forbiddenGroupCodes(
    "A condition to be used in determining which values should be returned by the collection."
    filter: ForbiddenGroupCodeFilter
    "The method to use when ordering collection items."
    orderBy: ForbiddenGroupCodeOrderBy
    "Read all values in the set after (below) this cursor."
    after: String
    "Read all values in the set before (above) this cursor."
    before: String
    "Only read the first _n_ values of the set."
    first: Int
    "Only read the last _n_ values of the set."
    last: Int
  ): ForbiddenGroupCodeConnection!
}

Authorization

  • Verify the validity of access token

    • in case of error - return 401 (“Invalid access token”) in case of validation fails

  • Verify that token is not expired

    • in case of error - return 401 (“Invalid access token”)

  • Check user scopes in order to perform this action (scope = 'forbidden_group:details')

    • return 403 (“Your scope does not allow to access this resource. Missing allowances: forbidden_group:details”) in case of invalid scope(s)

Validate legal entity

  • Extract client_id from token.

  • Check client scopes in order to perform this action (scope = 'forbidden_group:details')

    • in case of error - return 403 (“Your scope does not allow to access this resource. Missing allowances: forbidden_group:details)

  • Check legal entity status (status = ACTIVE)

    • In case of error - return 409 ('client_id refers to legal entity that is not active')

Search params

Search with a few params performs according to the logical AND rule.

  1. id. Search by forbidden_groups.id (used to get group details)

  2. name. Search by forbidden_groups.name 

  3. is_active. Search by forbidden_groups.is_active

  4. item_code. Searches by:

    • services.code (forbidden_group_services join services)

    • service_groups.code (forbidden_group_services join service_groups)

    • forbidden_group_codes.code (for dictionaries)

  5. item_name. Searches by:

    • services.name (forbidden_group_services join services)

    • service_groups.name (forbidden_group_services join service_groups)

    • code description for dictionaries (forbidden_group_codes fc join dictionaries d on fc.system = d.name and fc.code = d.values.code)

  6. item_type (string). Limits the search to the following items:

    • service - search within service items

    • service_group - search within service_group items 

    • <system> - search within specified dictionary. Where <system> is eHealth/ICD10_AM/condition_codeseHealth/ICPC2/actionseHealth/ICPC2/condition_codes or eHealth/ICPC2/reasons dictionary name

  7. item_is_active. Searches by:

    • forbidden_group_services.is_active - for service/service_group

    • forbidden_group_codes.is_active - for dictionaries

Service logic

Render a forbidden_groups array with nested arrays of forbidden_group_codes and forbidden_group_services that match the search params

  • No labels