Overview
This web service is designed to return only diagnostic reports that were allowed to read by patient's approval to the current user.
Ендпоїнт допускає повернення даних тільки тих діагностичних тих діагностичних звітів, на які було видано Approval.
Specification
Authorization
Validate token
Verify the validity of access token
Return 401 in case validation fails
Verify token is not expired
in case error return 401
Validate scopes
Check user scopes in order to perform this action (scope = 'diagnostic_report:read')
Return 403 in case invalid scope(s)
Logic
Select all diagnostic reports(approvals.granted_resources.identifier.value) from patients approvals that meet the requirements:
patient_id= hashed patient_id from URL
status= 'active'
granted_to contains one of user's employees' id
granted_resources.identifier.type.coding[].code="diagnostic_report"
Select this diagnostic reports from ME.patients.diagnostic_reports
Add filters requested by the user (search params)