Created by Denys Syzonenko
Last updated: Feb 02, 2023
2 min read
Purpose
This WS allows to approve pending declaration from Admin panel.
Key points
This is a graphQl method used in Administration panel only.
Only authenticated and authorized NHS employee with appropriate scope can approve pending declaration.
Only pending declaration (in status ‘pending_verification’) can be approved.
Specification
Authorization
Verify the validity of access token
in case of error - return 401 (“Invalid access token”) in case of validation fails
Verify that token is not expired
in case of error - return 401 (“Invalid access token”)
Check user scopes in order to perform this action (scope = 'declaration:approve')
return 403 (“Your scope does not allow to access this resource. Missing allowances: declaration:approve”) in case of invalid scope(s)
Validate legal entity
Extract client_id from token.
Check client scopes in order to perform this action (scope = 'declaration:approve')
in case of error - return 403 (“Your scope does not allow to access this resource. Missing allowances: declaration:approve”)
Check client type (type = NHS)
In case of error - return 403 ('You don't have permission to access this resource')
Validate request
Check
declaration_id
submittedin case not submitted - return 422 ('required property declaration_id was not present')
in case does not exist in OPS db - return 404 ('Declaration not found')
in case exists in OPS db but is not active - return 409
Service logic
Update data:
declarations table by
declaration_id
set status = ‘active’
set updated_at, updated_by