Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Table of Contents
minLevel1
maxLevel3

...

Request to process the request using a token in the headers

Headers

Наприклад:

  • Verify the validity of access token

    • Return 401 in case validation fails

  • Verify token is not expired

    • in case of error return 401 

  • Check user scopes in order to perform this action (scope = 'episode:write')

    • Return 403 in case invalid scope(s)

Headers

  • Content-Type:application/json

  • Authorization:Bearer mF_9.B5f-4.1JqMapi{{access_token}}

  • API-key:aFBLVTZ6Z2dON1V{{secret}}

Request data validation

  1. Validate patient status

    1. Medical_data status for this patient must be in "active" status

      1. in case of error return 409 - "Patient is not active"

  2. Validate episode id is unique

    1. $.id is unique 

      1.  in case of error return 422 - "Episode with such id already exists"

  3. Validate that episode number is unique 

    1. $.number is unique 

      1. in case of error return 409 - "Episode with such number already exists. Episode number must be unique"

  4. Validate request according to JSON Schema LINK

    1. in case of error return 422

  5. Validate type

    1. according to legal entity type: Medical Events Dictionaries and configurations#legal_entity_episode_types

      1. in case of error return 409 "Episode type <type> is forbidden for your legal entity type"

    2. according to employee type: Medical Events Dictionaries and configurations#employee_episode_types

      1. in case of error return 409 "Episode type <type> is forbidden for your employee type"

  6. Validate status= "active" - resolved by JSON schema

  7. Validate managing_organization

    1. Only one item is allowed in coding array

      1. in case of error return 422 "Only one item is allowed in "coding" array " 

    2. $.managing_organization.identifier.type.coding.[0].code = "legal_entity"

      1. in case of error return 422 "Only legal_entity could be submitted as a managing_organization"

    3. $.managing_organization.identifier.value = token.client_id

      1. in case of error return 422 "Managing_organization does not correspond to user`s legal_entity"

    4. $.managing_organization.identifier.type.coding.[0].system = "eHealth/resources"

      1. in case of error return 422 "Submitted system is not allowed for this field"

  8. Validate period

    1. $.period.start <= current_date

      1. in case of error return 422 - "Start date of episode must be in past"

    2. $.period.end is absent

      1. in case of error return 422 - "End date of episode could not be submitted on creation"

  9. Validate care_manager

    1. $.care_manager.identifier.type.coding.[0].code = "employee"

      1. in case of error return 422 "Only employee could be submitted as a care_manager"

    2. $.care_manager.identifier.type.coding.[0].system = "eHealth/resources"

      1. in case of error return 422 "Submitted system is not allowed for this field"

    3. $.care_manager.identifier.value must meet the following requirements

      1. PRM.employee.type = "DOCTOR" OR "SPECIALIST" OR "ASSISTANT"

        1. in case of error return 409 "Employee submitted as a care_manager is not in the list of allowed employee types" 

      2. PRM.employee.status= "active"

        1. in case of error return 409 "Employee submitted as a care_manager is not active"

      3. PRM.employee.legal_entity = token.client_id

        1. in case of error return 409 "User can create an episode only for the doctor that works for the same legal_entity"

    4. $.care_manager.identifier.value belongs to one of the user’s employee

      1. in case of error return 422 "Employee is not care manager of episode"

...

{:error, [{%{

        description: "Episode with such id already exists",

        params: [],

        rule: :invalid

      }, "$.id"}]}

Validate token

  • Verify the validity of access token

    • Return 401 in case validation fails

  • Verify token is not expired

    • in case of error return 401 

Validate scopes

Check user scopes in order to perform this action (scope = 'episode:write')

...

Access to the resource is also managed by ABAC module.

...