Purpose

Use this method to approve previously created Person Request.

Key features

1. Only authenticated and authorized user can use this service

2. Only NEW person request can be activated

3. The request can be activated only by the employee who works in the same legal entity in which the request was made.

Specification

...

Link

...

https://ehealthmisapi1.docs.apiary.io/#reference/public.-medical-service-provider-integration-layer/person-requests/approve-person-request

...

Посилання на Apiary або Swagger

...

Resource

...

/api/person_requests/{{id}}/actions/approve

...

Посилання на ресурс, наприклад: /api/persons/create

...

Scope

...

Scope для доступу

...

Components

...

Зазначається перелік бізнес компонентів, які використовують цей метод, наприклад: ePrescription

...

Microservices

...

Перелік мікросервісів, які використовує метод API, наприклад: Auth, ABAC

...

Protocol type

...

Тип протоколу, який використовується запитом, наприклад: SOAP | REST

...

Request type

...

Тип запиту API, наприклад: GET, POST, PATCH…

...

Sync/Async

...

Метод є синхронним чи асинхронним?

Logic

Image Removed

approve_request.graphml

Preconditions

Global and configurable parameters

No

Input parameters

...

Input parameter

...

Values

...

Type

...

Description

...

Example

...

id

...

String

...

Required

...

eeebb86d-5cba-43c9-885b-6482ecaf826b

Filters

No

Dictionaries

API paragraph not found

Request structure

See on Apiary

Example:

{
  "verification_code": 6598
}

Authorize

Headers

Content-Type:application/json

Authorization:Bearer c2778f3064753ea70de870a53795f5c9

api-key:uXhEczJ56adsfh3Ri9SUkc4en

Request data validation

Валідація даних

Наприклад:

1. Validate request using JSON schema

   1. In case validation failed - generate 422 error

...

...

Purpose

Use this method to approve previously created Person Request.

Key features

1. Only authenticated and authorized user can use this service

2. Only NEW person request can be activated

3. The request can be activated only by the employee who works in the same legal entity in which the request was made.

Specification

Logic

Image Added

approve_request.graphml

Preconditions

API paragraph not found

Global and configurable parameters

No

Input parameters

Filters

No

Dictionaries

API paragraph not found

Request structure

See on Apiary

Example:

{
  "verification_code": 6598
}

Authorize

1. Verify the validity of access token

   1. Return 401 in case validation fails.

2. Check scopes in order to perform this action (scope = 'person_request:write')

   1. Return 403 in case invalid scope(s).

Headers

Content-Type:application/json

Authorization:Bearer c2778f3064753ea70de870a53795f5c9

api-key:uXhEczJ56adsfh3Ri9SUkc4en

Request data validation

1. Validate request using JSON schema

   1. In case validation failed - generate 422 error

JSON Schema

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "type": "object",
  "properties": {
    "verification_code": {
      "type": "string"
    }
  },
  "required": [
    "verification_code"
  ],
  "additionalProperties": false
}

Processing

Get person request details

Get person request from IL_DB.person_request

Determine authorization method

Get authorization_method from IL_DB.person_request

SELECT IL_DB.person_request.authentication_method
FROM   IL_DB.person_request
WHERE IL_DB.person_request.id = :id

If authentication_method is NA - return error

If person have block confidant_person - check uploaded the confidant person's document and the document which confirms the guardianship.

If person's authentication_method == OFFLINE - check uploaded documents

If authentication_method = OTP (or THIRD_PERSON.auth_method = OTP)  - verify SMS code and add phone to db.verification.verified_phones

If authentication_method =  THIRD_PERSON and third_person.auth_method = OFFLINE - check uploaded documents from third person

Invoke verification module to verify OTP

OTP Verification

Check uploaded documents

Invoke Media Content Storage to check documents exist

Media Content Storage

Generate printout form

Invoke MAN to render print form.

Request mapping:

cURL example

curl --request POST \
     --header 'Accept: text/html' \
     --header 'Content-Type: application/json' \
     {:host}/templates/{:person_request_printout_id}/actions/render

Set IL.person_request.printout_content:

MANResponse.$.data

Change person request

1. Change entity status in IL_DB.person_request to APPROVED

2. Set updated_at - now() (Get current date-time)

3. Set updated_by - user_id (Extract user from token)

Response structure

See on Apiary

Example:

{
  "meta": {
    "code": 201,
    "url": "https://example.com/resource",
    "type": "object",
    "properties": {     "verificationrequest_codeid": {
      "type": "string"
    }
  },
  "required": [
    "verification_code"
  ],
  "additionalProperties": false
}

Processing*

Потрібно описати процеси, які відбуваються з даними

1. Using global parameters

Потрібно викликати глобальні параметри (Global parameters), щоб отримати наведені нижче параметри

Response structure

See on Apiary

Example:

{
  "meta": {"req-adasdoijasdojsda"
  },
  "data": {
    "status": "SIGNED",
    "id": "eeebb86d-5cba-43c9-885b-6482ecaf826b",
    "person": {
      "id": "13001c60-45a0-4b5a-b425-9505e1de18bd",
      "codefirst_name": 201"Петро",
      "urllast_name": "https://example.com/resourceІванов",
      "typesecond_name": "objectМиколайович",
      "requestbirth_iddate": "req2009-07-adasdoijasdojsda05",
   },   "databirth_country": "Україна",
 {     "statusbirth_settlement": "SIGNEDВінниця",
      "idgender": "eeebb86d-5cba-43c9-885b-6482ecaf826bMALE",
      "personemail": {"email@example.com",
      "no_tax_id": "13001c60-45a0-4b5a-b425-9505e1de18bd"false,
      "firsttax_nameid": "Петро3999869394",
      "last_namesecret": "Івановsecret",
      "second_namedocuments": "Миколайович",[
        "birth_date": "2009-07-05",{
          "birth_countrytype": "УкраїнаBIRTH_CERTIFICATE",
          "birth_settlementnumber": "ВінницяАА120518",
          "genderissued_by": "MALEРокитнянським РВ ГУ МВС Київської області",
        "email"  "issued_at": "email@example.com2017-02-28",
          "noexpiration_tax_iddate": false,"2027-02-28"
      "tax_id": "3999869394", }
     "secret": "secret" ],
      "documentsaddresses": [
        {
          "type": "BIRTH_CERTIFICATERESIDENCE",
          "numbercountry": "АА120518UA",
          "issued_byarea": "Рокитнянським РВ ГУ МВС Київської областіЖитомирська",
          "issued_atregion": "2017-02-28Бердичівський",
          "expiration_datesettlement": "2027-02-28Київ",
        }  "settlement_type": "CITY",
   ],       "addressessettlement_id": ["b075f148",
        {           ""street_type": "RESIDENCESTREET",
          "countrystreet": "UAвул. Ніжинська",
          "areabuilding": "Житомирська15",
          "regionapartment": "Бердичівський23",
          "settlementzip": "Київ02090",
        }
 "settlement_type": "CITY",    ],
      "settlement_idphones": "b075f148", [
        {
    "street_      "type": "STREETMOBILE",
          "streetnumber": "вул. Ніжинська",+380503410870"
        }
 "building": "15",    ],
      "apartmentauthentication_methods": "23",[
        {
 "zip": "02090"         }"type": "THIRD_PERSON",
      ],      "phone_number": "phones": [
+380508887700",
       {           "type"value": "MOBILEc282f8a9-e709-40aa-94b4-dde1402bf4b6",
          "numberalias": "+380503410870husband"
        }
      ],
      "authentication_methodsunzr": ["20090705-00011",
      "emergency_contact":  {
          "typefirst_name": "THIRD_PERSONПетро",
 
        "phonelast_numbername": "+380508887700Іванов",
 
        "valuesecond_name": "c282f8a9-e709-40aa-94b4-dde1402bf4b6Миколайович",
 
        "aliasphones": [
"husband"         } {
     ],       "unzrtype": "20090705-00011MOBILE",
      "emergency_contact": {         "first_name"number": "Петро",+380503410870"
          }
  "last_name": "Іванов",     ]
   "second_name": "Миколайович",  },
      "phonesconfidant_person": [
 
        {
 
          "relation_type": "MOBILEPRIMARY",
            "numberfirst_name": "+380503410870Петро",
          }
"last_name": "Іванов",
       ]   "second_name": "Миколайович",
  },        "confidantbirth_persondate": ["1972-10-26",
           {"birth_country": "Україна",
          "relationbirth_typesettlement": "PRIMARYВінниця",
          "first_namegender": "ПетроMALE",
          "lasttax_nameid": "Іванов2659719350",
          "second_namesecret": "Миколайовичsecret",
          "birth_dateunzr": "197219900101-10-2600099",
          "birthpreferred_way_countrycommunication": "Українаemail",
          "birthdocuments_settlementperson": "Вінниця",[
            {
  "gender": "MALE",           "tax_idtype": "2659719350PASSPORT",
              "secretnumber": "secretАА120518",
              "unzrexpiration_date": "199001012021-02-0009928",
          "preferred_way_communication": "email",           "documents_person"issued_by": ["Рокитнянським РВ ГУ МВС Київської області",
       {       "issued_at": "2017-02-28"
      "type": "PASSPORT",     }
         "number": "АА120518" ],
              "expirationdocuments_daterelationship": "2021-02-28", [
            {
  "issued_by": "Рокитнянським РВ ГУ МВС Київської області       "type": "BIRTH_CERTIFICATE",
              "issued_atnumber": "2017-02-28АА120518",
            }  "issued_by": "Рокитнянським РВ ГУ МВС Київської області",
  ],            "documentsissued_relationshipat": ["2017-02-28"
            {}
          ],
   "type       "phones": "BIRTH_CERTIFICATE",[
            {
 "number": "АА120518",
              "issued_bytype": "Рокитнянським РВ ГУ МВС Київської областіMOBILE",
              "issued_atnumber": "2017-02-28+380503410870"
            }
          ],
 
        "phones": [
            {
              "type": "MOBILE",
              "number": "+380503410870"
            }
          ],
          "email": "emaill@example.com"
        }
      ],
      "preferred_way_communication": "email"
    },
    "patient_signed": false,
    "process_disclosure_data_consent": true,
    "content": "Person content",
    "channel": "MIS",
    "authorize_with": "cc949559-5dfe-420f-ac05-065e443b2cc6"
  }
}

Post-processing processes

Що має відбутися в ЦБД після опрацювання та відправлення відповіді, тощо

HTTP status codes

...

HTTP status code

...

Message

...

What caused the error

...

 201

...

 Response

...

...

...

...

Backward compatibility

Сумісність з попередніми версіями методу

Specification

Apiary

Service logic

Validate request

1. Validate request using JSON schema
   

   1. In case validation failed - generate 422 error

JSON Schema

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "type": "object",
  "properties": {
    "verification_code": {
      "type": "string"
    }
  },
  "required": [
    "verification_code"
  ],
  "additionalProperties": false
}

Authorize user

1. Verify the validity of access token
   

   1. Return 401 in case validation fails

2. Check scopes in order to perform this action (scope = 'person_request:write')

   1. Return 403 in case invalid scope(s)

Get person request details

Get person request from IL_DB.person_request

Determine authorization method

Get authorization_method from IL_DB.person_request

SELECT IL_DB.person_request.authentication_method
FROM   IL_DB.person_request
WHERE IL_DB.person_request.id = :id

If authentication_method is NA - return error

If person have block confidant_person - check uploaded the confidant person's document and the document which confirms the guardianship.

If person's authentication_method == OFFLINE - check uploaded documents

If authentication_method = OTP (or THIRD_PERSON.auth_method = OTP)  - verify SMS code and add phone to db.verification.verified_phones

If authentication_method =  THIRD_PERSON and third_person.auth_method = OFFLINE - check uploaded documents from third person

Invoke verification module to verify OTP

OTP Verification

Check uploaded documents

Invoke Media Content Storage to check documents exist

Media Content Storage

Generate printout form

Invoke MAN to render print form.

Request mapping:

...

Parameter

...

Source

...

id

...

PERSON REQUEST

cURL example

curl --request POST \
     --header 'Accept: text/html' \
     --header 'Content-Type: application/json' \
     {:host}/templates/{:person_request_printout_id}/actions/render

Set IL.person_request.printout_content:

MANResponse.$.data

Change person request

...

Change entity status in IL_DB.person_request to APPROVED

...

Set updated_at - now() (Get current date-time)

...

     "email": "emaill@example.com"
        }
      ],
      "preferred_way_communication": "email"
    },
    "patient_signed": false,
    "process_disclosure_data_consent": true,
    "content": "Person content",
    "channel": "MIS",
    "authorize_with": "cc949559-5dfe-420f-ac05-065e443b2cc6"
  }
}

Post-processing processes

API paragraph not found

HTTP status codes

Backward compatibility

API paragraph not found