...

• Verify the validity of access token

  • in case of error - return 401 “Invalid access token” in case of validation fails

• Verify that token is not expired

  • in case of error - return 401 “Invalid access token”

• Check user scopes in order to perform this action (scope = 'medical_program_provision:write')

  • return 403 “Your scope does not allow to access this resource. Missing allowances: medical_program_provision:write” in case of invalid scope(s)

Headers

Наприклад:

• Content-Type:application/json

• Authorization:Bearer F3GF124Df565FDS234SDF34

• api-key:aDGFDFGT46S5gFGD

...

1. Validate contract_number, if submitted:

   1. Select contract_number from contracts where:

      1. type = REIMBURSEMENT

      2. is_active=true

      3. status = VERIFIED

      4. contractor_legal_entity = client_id (from token)

         1. in case of error - return 422 “Your legal entity has no reimbursement contract with number <contract_number> or it is not active”

2. Validate medical_program_id:

   1. Сheck program exists and active

      1. in case of error - return 422 “Medical program not found”

   2. If medical program has funding_source is in ('NHS', 'LOCAL')

      1. in case of error - return 422 “Medical program not found“

   3. If medical program has funding_source = NHS:

      1. Validate contract_number submitted:

         1. in case of error - return 422 “Contract number should be submitted for medical program with NHS funding source“

      2. Check medical program belongs to the contract

         1. in case of error - return 422 “Medical program does not belong to contract”

   4. If medical program has funding_source = LOCAL:

      1. Validate msp_legal_entity_id submitted:

         1. in case of error - return 422 “MSP legal entity should be submitted for medical program with LOCAL funding source“

3. Validate divisions :

   1. Check divisions are not duplicated in the array

      1. in case of error - return 422 “Division list has duplicated identifiers in the request”

   2. For each division in the array:

      1. Validate it exists and active (is_active = true and status = ACTIVE):

         1. in case of error - return 422 “Division does not exist or not active”

      2. If chart parameter DISPENSE_DIVISION_DLS_VERIFY is on, then validate it DLS verified (dls_verified=true)

         1. in case of error - return 422 “Division with id <id> is not verified in DLS”

      3. Validate it belongs to the legal entity (client_id from token)

         1. in case of error - return 422 “Division does not belong to legal entity”

      4. Validate there is no existing active records with the same division, medical program, contract number or msp_legal_entity_id

         1. in case of error - return 422 “The medical program has already been provided by division according to the contract or MSP legal entity“

      5. Validate it is DLS verified by one of the params (if both params are on, check that at least one of checks passes):

         1. If chart parameter DISPENSE_DIVISION_DLS_VERIFY is on, check that division.dls_verified=true

         2. If chart parameter DISPENSE_DIVISION_HEALTHCARE_SERVICE_DLS_VERIFY is on, check that exists healthcare service with division_id = $.divisions.[*], category = ‘PHARMACY’, status = ‘ACTIVE’ and licensed_healthcare_service.status = ‘ACTIVE’

            1. in case of error - return 422 “Division with id <id> is not verified in DLS”

4. Validate msp_legal_entity_id , if submitted:

   1. Check legal entity exists and is_active:

      1. in case of error - return 422 “MSP legal entity not found”

   2. Check legal entity status (status = ACTIVE, SUSPENDED)

      1. In case of error - return 422 “Invalid status of MSP legal entity”

   3. Check legal entity type (type = PRIMARY_CARE, OUTPATIENT, EMERGENCY)

      1. In case of error - return 422 “Legal entity type should be of PRIMARY_CARE, OUTPATIENT or EMERGENCY”

...