Purpose
This service is designed to obtain list of merge requests by NHS user.
Overview
- only employee with scope "merge_request:read" can get list of merge_requests
- list of merge_requests can be ordered
Specification
- GraphQL schema
- Features
Validation
Validate token
- Verify the validity of access token
- Return 401 in case validation fails
- token is not expired
- in case error return 401
- Validate client_id is NHS
- check client type is NHS
- in case of error rerun forbidden error (Client is not allowed to the action')
- check client type is NHS
Validate scopes
- Check user scopes in order to perform this action (scope = 'merge_request:read')
- Return forbidden in case invalid scope(s) -"Your scope does not allow to access this resource. Missing allowances: merge_request:read"
Validate context
Return response to user limited by context from user's token
- return limited response by manual_merge_requests.assignee_id=$user_id and manual_merge_requests.status in ('NEW', 'POSTPONED')
Response
If no contract request found return 200 and empty array