Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Overview

This WS allows to cancel procedure in case they were entered in error.

...

Authorization

Validate token

  • Verify the validity of access token
    • Return 401 in case validation fails
  • Verify token is not expired
    • in case error return 401 

Validate scopes

  • Check user scopes in order to perform this action (scope = 'procedure:write')
    1. Return 403 in case invalid scope(s)

...

  1. Validate digital signature
    1. ds.drfo == PRM.parties.tax_id where (PRM.parties.id==PRM.employees.party_id where (PRM.employees.id==$.performer.identifier.value))
  2. Compare signed_content to previously created content
    1. select procedure, select * from procedures context.identifier.value=procedure_id and compare to signed_content (do not include status, status_reason and explanatory_letter )
      1. in case of inconsistencies return "Submitted signed content does not correspond to previously created content"
  3. Validate status_reason is in dictionary eHealth/procedure_status_reasons
    1. in case error return 422, "status_reason not in a dictionary eHealth/procedure_status_reasons"
  4. Validate user performs action with procedure that belong to his legal entity
    1. ME.patient{patinet_id}.procedures{procedure_id}.managing_organization==token.client_id
      1. in case of error return 422 "Managing_organization in the procedure does not correspond to user`s legal_entity"

...