Versions Compared

Old Version 18

changes.mady.by.user Dmytro Kulibaba (Unlicensed)

Saved on

compared with

New Version 19

changes.mady.by.user Dmytro Omelchenko (SoE eHealth)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Table of Contents

Purpose

This WS method gives an opportunity to reject and close preperson merge request by hand.

Specification

Page Properties
idAPI_Specification
API paragraph not found

Link

https://ehealthmisapi1.docs.apiary.io/#reference/public.-medical-service-provider-integration-layer/merge-request/reject-merge-request

Посилання на Apiary або Swagger

Resource

/api/merge_requests/{{id}}/actions/reject

Посилання на ресурс, наприклад: /api/persons/create

Scope

merge_request:write

Scope для доступу

Components

Patient registry

Зазначається перелік бізнес компонентів, які використовують цей метод, наприклад: ePrescription

Microservices

il/api

mpi/api

fe/admin-web

Перелік мікросервісів, які використовує метод API, наприклад: Auth, ABAC

Protocol type

REST

Тип протоколу, який використовується запитом, наприклад: SOAP | REST

Request type

PATCH

Тип запиту API, наприклад: GET, POST, PATCH…

Sync/Async

Sync

Метод є синхронним чи асинхронним?

Public/Private/Internal

Public

Потрібно зазначити тип методу за ступенем доступності

Logic

  1. Only authenticated and authorized SPECIALIST, ASSISTANT or RECEPTIONIST employees can use this WS.

  2. Usage of this WS allowed in EMERGENCY or OUTPATIENT legal entities.

  3. Only NEW or APPROVED merge request can be rejected.

  4. The request can be rejected only by employee who made the request.

  5. Change status should be logged in the Event manager.

...

  1. Verify the validity of access token

    1. Return 401 in case validation fails

  2. Check user scopes in order to perform this action (scope = 'merge_request:write')

    1. Return 403 in case invalid scope(s)

  3. Check the employee has created this merge request. Thus select inserted_by from il.merge_requests of this merge request and compare it with user_id from the token.

    1. If not match - return 403 error (Only author of merge request is allowed to reject it)

  4. Check that client_id from the token maches with il.merge_requests.legal_entity_id

    1. If not match - return 422 error (User doesn’t belong to legal entity where the merge request was created)

Headers

Наприклад:

Content-Type:application/json

Authorization:Bearer c2778f3064753ea70de870a53795f5c9api{{access_token}}

Api-key:uXhEczJ56adsfh3Ri9SUkc4en{{secret}}

Request data validation

Validate merge request

...

Page Properties
idAPI_HTTP status codes

HTTP status code

Message

What caused the error

200

 Response

 

401

 

 Access token validation failed

403

Invalid scope

Only author of merge request is allowed to reject it

404

Validation merge request id exists in DB failed

409

Invalid merge request status

422

User doesn’t belong to legal entity where the merge request was created