Table of Contents | ||||
---|---|---|---|---|
|
Purpose
This API allows to cancel Care plan in cases it has been rejected or entered in error.
Specification
Page Properties | ||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Logic
...
Preconditions
Sign message (pkcs7) that consists of signed content, digital signature, and signer public key. All signature fields will be validated (including signer certificate authority)
Important
Signed content of care plan must be equal to care plan stored in DB. See Get Care plan by ID
Activities should not be presented in signed content.
$.status_reason must be added to signed content
Logic
This method must be used to cancel of existing patient's Care plan. Method receives signed message (pkcs7) that consists of signed content, digital signature and signer public key. All signature fields will be validated (including signer certificate authority)
Key points
It can be cancelled by author of the Care plan who has an Approval granted by the patient on write Care plan resource
Cancel should be signed with DS. So, all the Care plan data (without activities data) should be submitted.
Status of the Care plan changed in async way. The result of the job should be a link on the Care plan details.
Input parameters
...
Input parameter
...
Values
...
Type
...
Description
...
Example
...
patient_id
...
String
...
MPI identifier of the patient
...
7c3da506-804d-4550-8993-bf17f9ee0402
...
id
...
String
...
Care Plan identifier
...
7c3da506-804d-4550-8993-bf17f9ee0403
Request structure
See on Apiary
Example:
Expand | ||
---|---|---|
| ||
|
Authorize
Verify the validity of access token
Return (401, 'Invalid access token') in case of validation fails
Verify that token is not expired
in case of error - return (401, 'Invalid access token')
Check user scopes in order to perform this action (scope = 'care_plan:write')
Return (403, 'Your scope does not allow to access this resource. Missing allowances: care_plan:write') in case of invalid scope(s)
Request to process the request using a token in the headers
Headers
Наприклад:
Content-Type:application/json
Authorization:Bearer mF_9.B5f-4.1JqM
api-key:aFBLVTZ6Z2dON1V
Request data validation
Validate legal entity
Extract client_id from token
Check legal entity status is ACTIVE
In case of error - return 409 ('Legal entity must be ACTIVE')
Check legal entity type in me_allowed_transactions_le_types config parameter
in case of error - return 409 ('Action is not allowed for the legal entity type')
Validate User
...
Extract user_id from token.
Check user has an active and approved employee that:
...
Global and configurable parameters
Input parameters
Input parameter | Values | Type | Description | Example |
---|---|---|---|---|
patient_id | String | MPI identifier of the patient |
| |
id | String | Care Plan identifier |
|
Filters
No
Dictionaries
eHealth/care_plan_categories
eHealth/care_plan_cancel_reasons
eHealth/care_plan_complete_reasons
eHealth/ICD10_AM/condition_codes
PROVIDING_CONDITION
Request structure
See on Apiary
Example:
Expand | ||
---|---|---|
| ||
|
Dummy Cancel Care plan
Example:
Expand | ||
---|---|---|
| ||
|
Authorize
Verify the validity of access token
Return (401, 'Invalid access token') in case of validation fails
Verify that token is not expired
in case of error - return (401, 'Invalid access token')
Check user scopes in order to perform this action (scope = 'care_plan:write')
Return (403, 'Your scope does not allow to access this resource. Missing allowances: care_plan:write') in case of invalid scope(s)
Request to process the request using a token in the headers
Headers
Наприклад:
Content-Type:application/json
Authorization:Bearer mF_9.B5f-4.1JqM
api-key:aFBLVTZ6Z2dON1V
Request data validation and processing
Validate legal entity
Extract client_id from token
Check legal entity status is ACTIVE
In case of error - return 409 ('Legal entity must be ACTIVE')
Check legal entity type in me_allowed_transactions_le_types config parameter
in case of error - return 409 ('Action is not allowed for the legal entity type')
Validate User
Extract user_id from token.
Check user has an active and approved employee that:
is specified as Author of the Care plan and has an active Approval granted by the Patient on write the Care plan resource (care plan id from URL)
Return 403 ('Access denied') in case employee has not specified as author of the care plan, or has no Approval on write
Validate data consistency
Ensure that submitted Care plan relates to the Patient (from URL)
Return 404 (not found) in case of error
Validate Digital Sign
Check DS is valid and not expired
Validate that DS belongs to the user
Check that DRFO from DS and user's party.tax_id matches
Validate status transition
Get Care plan by id
Check status:
Care plan status should be changed according to Care plan status model.
Return 409 ('Care plan in status <cancelled/completed> cannot be cancelled') in case of error
Validate status reason
Validate value in the field $.status_reason, required
Validate field type is codeable concept
Check that codeable concept refers to
eHealth/care_plan_cancel_reasons
dictionaryValidate value within dictionary specified above
Validate activities
Get Care plan activities
Check Care plan has no activities or all activities has final status.
Return 409 ('Care plan has unfinished activities') in case if found at least one activity not in final status
Validate content
Signed content must match with Care plan in DB in order to be changed
Render Care plan from DB
Exclude $.status_reason from signed content
Compare rendered Care plan and signed content
In case both object doesn't match - return 422 ('Signed content doesn't match with previously created care plan')
Processing
Service logic
Save signed content to media storage
Update Care plan status (update also updated_at, updated_by)
Set $.status_reason and $.status_history
Response structure
See on Apiary
Example:
Expand | ||
---|---|---|
| ||
|
Expand | ||
---|---|---|
| ||
|
Post-processing processes
API paragraph not found
HTTP status codes
...
HTTP status code
...
Message
...
What caused the error
...
201
...
use payload from response
...
sync
...
202
...
use Get job details to get processing result. Response payload will be returned in the job details
...
|
Post-processing processes
API paragraph not found
HTTP status codes
Page Properties | ||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|