...
| Table of Contents |
|---|
Requirements
Specification
Validations
| Table of Contents | ||||
|---|---|---|---|---|
|
Required parameters are marked with "*"
Якщо інформації по відповідному параметру немає, потрібно зазначити: “APIparagraph not found”.
Purpose*
This method must be used to cancel existing Service Request.
Specification*
| Page Properties | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Logic*
This method must be used to cancel existing Service Request. Method receives signed message (pkcs7) that consists of signed content, digital signature and signer public key. All signature fields will be validated (including signer certificate authority)
Important
Signed content of service request must be equal to service request stored in DB. See Get Service Request details
status_reason and explanatory_letter (optional) must be added to signed content
Please see Service request (Referral) state model and Dummy Cancel Service Request for more details
Scopes required: service_request:cancel
It can be processed in both sync and async methods depends on Server decision.
Request structure*
See on Apiary
Example:
| Expand | ||
|---|---|---|
| ||
|
Authorize*
Verify the validity of access token
Return (401, 'unauthorized') in case of validation fails
Verify that token is not expired
in case of error - return (401, 'unauthorized')
Check user scopes in order to perform this action (scope = 'service_request:cancel')
Return (403, 'invalid scopes') in case of invalid scope(s)
Request to process the request using a token in the headers
Headers*
Наприклад:
Content-Type:application/json
Authorization:Bearer mF_9.B5f-4.1JqM
api-key:aFBLVTZ6Z2dON1V
Request data validation*
Validate legal entity
Check legal entity type: it has to be in me_allowed_transactions_le_types config parameter, has status = active and nhs_verified = true
in case of error return 409 "Action is not allowed for the legal entity"
Validate digital signature
Decode content that is encrypted in an electronic digital signature.
Use Digital signature WS. Method checks digital signature and returns result.
See service specification1. Ensure
Ensure that digital signature is valid
...
Validate that requester of service request is a current user
2.1. Get token metadata
Extract user_id, client_id, client_type
2.2. Determine the party_id associated with this user_id
| Code Block | |
|---|---|
| sql | SELECT pu.party_id FROM party_users pu WHERE pu.user_id = :user_id; |
2.3. Determine employees related to this party_id in current MSP
| Code Block | ||
|---|---|---|
| ||
SELECT e.id FROM employees e WHERE e.party_id = :party_id AND e.legal_entity_id = :client_id; |
2.4 Ensure that $.requester.identifier.value matches with user employees3.
Validate that DS belongs to the requester of encounter
3.1. Determine the party_id associated with requester ($.requester.identifier.value)
| Code Block | language | sql
|---|
SELECT p.tax_id FROM employees e, parties p WHERE e.party_id = p.id AND e.id = :requester; |
...
Render service request from DB
Exclude $.status_reason and $.explanatory_letter from signed content
Compare rendered service request and signed content
In case both object doesn't match - return 422 ('Signed content doesn't match with previously created service request')
Processing*
Service logic
Save signed content to media storage
Update service request status to entered_in_error (update also updated_at, updated_by)
Write record to status history
Send SMS to patient (if authentication_method_current == SMS)
Template - TBD
Async! Revoke all approvals made by this service request
Response structure*
See on Apiary
Example:
| Expand | ||
|---|---|---|
| ||
|
| Expand | ||
|---|---|---|
| ||
|
Post-processing processes*
API paragraph not found
HTTP status codes*
| Page Properties | |||||||||
|---|---|---|---|---|---|---|---|---|---|
|