Versions Compared

Old Version 10

changes.mady.by.user Serhii Boldin (SoE eHealth)

Saved on

compared with

New Version Current

changes.mady.by.user Oleksandr Zhuk (SoE eHealth)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Table of Contents

...

Page Properties
idAPI_Specification

Link

https://ehealthmedicaleventsapi.docs.apiary.io/#reference/device-requests/create-device-request/create-device-request

Посилання на Apiary або Swagger

Resource

/api/patients/{{patient_id}}/device_requests

Посилання на ресурс, наприклад: /api/persons/create

Scope

device_request:write

Scope для доступу

Components

Зазначається перелік бізнес компонентів, які використовують цей метод, наприклад: ePrescription

Microservices

Перелік мікросервісів, які використовує метод API, наприклад: Auth, ABAC

Protocol type

Тип протоколу, який використовується запитом, наприклад: SOAP | REST

Request type

POST

Тип запиту API, наприклад: GET, POST, PATCH…

Sync/Async

Метод є синхронним чи асинхронним?

Public/Private/Internal

Потрібно зазначити тип методу за ступенем доступності

Logic

  1. Save signed content to media storage, in bucket pointed in MEDIA_STORAGE_DEVICE_REQUEST_BUCKET chart parameter

  2. Fill in the following fields:

    1. requisition. Generate requisition number as described at Human readable Medication request number , but based on the Device Request identifier and put it in the field.

    2. signed_content_links. Add string item in the array with a link on saved content in media storage

    3. status = ACTIVE

    4. status_reason = null

    5. subject. Set hashed patient_id from URL

    6. requester_legal_entity. Set client_id from token

    7. quantity.unit. Set description according to quantity code and system

    8. dispense_valid_to. Set (current_date + dispense_period_day) if medical program was set and it has dispense_period_day setting. Otherwise, set the value using device_dispense_period global parameter.

    9. verification_code. Generate random 4-digit code

    10. context_episode_id. Set episode from the $.encounter

    11. inserted_at. Set current date and time

    12. updated_at. Set current date and time

    13. inserted_by. Set current user from token

    14. updated_by. Set current user from token

  3. Send verification code:

    1. Determine patient's default authentication method as described at Determination of a default authentication method and return person's active auth_methods :

      1. if OTP defined, then generate text according to TEMPLATE_SMS_FOR_CREATE_DEVICE_REQUEST and send SMS with verification_code

  4. Save data to device_requests collection in MongoDB according to /wiki/spaces/CSI/pages/17467375685

  5. Send StatusChangeEvent to Event Manager

Input parameters

Input parameter

Values

Type

Description

Example

patient_id

String

MPI identifier of the person

7075e0e2-6b57-47fd-aff7-324806efa7e5

Request structure

See on Apiary

...

  1. Validate request is signed

    1. in case of error - return 400 (“document must be signed by 1 signer but contains 0 signatures”“Invalid signed content”)

  2. Check DS is valid and not expired

  3. Validate that DS belongs to the requester

    1. Check that DRFO from DS and party.tax_id matches

      1. in case of error - return 422 (“Does not match the signer drfo““Signer DRFO doesn't match with requester tax_id“)

Validate legal entity

  • Extract client_id from token

  • Check legal entity status is ACTIVE

    • In case of error - return 409 ('client_id refers to legal entity that is not active')

  • Check legal entity type in ME_ALLOWED_TRANSACTIONS_LE_TYPES config parameter

    • in case of error - return 409 ('client_id refers to legal entity with type that is not allowed to create medical events transactions')

...

  • Get Patient identifier from the URL

  • Check it exists in persons table (MPI) and has status active

    • Return 404 ('Person is not found') in case of error

  • Validate person'sverification_status is not equal to NOT_VERIFIED.

    • in case NOT_VERIFIED - return error 409 ("Patient is not verified")

  • Validate person isnot a preperson

    • in case error - return error 409 ("Forbidden to create device request for a preperson")

Validate request

Validate request using schema.

...