Versions Compared

Old Version 21

changes.mady.by.user Natalia Horodytska (SoE eHealth)

Saved on

compared with

New Version 22

changes.mady.by.user Natalia Horodytska (SoE eHealth)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Table of Contents
minLevel1
maxLevel3

...

  • Check user scopes in order to perform this action (scope = 'encounter:cancel'

    • Return 403 in case invalid scope(s)

Headers

Наприклад:

  • Content-Type:application/json

  • Authorization:Bearer {{access_token}}

  • API-key:{{secret}}

Request data validation

  1. Validate digital signature

    1. ds.drfo == PRM.parties.tax_id where PRM.parties.id==PRM.employees.party_id where:

      1. PRM.employees.id==$.encounter.performer.identifier.value)

      2. OR PRM.employees.id==$.approval.granted_to.identifier.value ($.approvals.granted_resources.identifier.value==$.encounter_id AND $.approvals.access_level='write')

      3. OR PRM.employees.employee_type==MED_ADMIN

  2. Compare signed_content to previously created content

    1. select encounter, select * from observations, conditions, immunizations, allergy_intolerances where context.identifier.value=encounter_id and compare to signed_content (do not include statuses to comparation, cancellation_reason and  explanatory_letter )

      1. in case of inconsistencies return "Submitted signed content does not correspond to previously created content"

  3. Validate diagnoses still valid

    1. if ($.encounter.status!="entered_in_error") validate ($.conditions[?(@.verification_status=="entered_in_error")].id is not IN $.encounter.diagnoses[*].condition.identifier.value)

      1. in case of error "The condition can not be canceled while encounter is not canceled" 

  4. Validate cancellation_reason

    1. $.cancellation_reason.coding[*].system == "eHealth/cancellation_reasons"

  5. Validate entities are not canceled yet (status!= "entered_in_error")

    1. in case of error "Invalid transition"

  6. Validate at least one entity in the request marked as "entered_in_error"

    1. in case of error "At least one entity should have status "entered_in_error""

  7. Validate user performs action with an episode that belong to his legal entity

    1. ME.patient{patinet_id}.episodes{episode_id}.managing_organization==token.client_id

      1. in case of error return 422 "Managing_organization in the episode does not correspond to user`s legal_entity"

  8. Validate reasons (eHealth/ICPC2/reasons dictionary)

    1. is case is_active = false return error 422 “value is not allowed in enum

Validate legal entity

  • Validate episode belongs to the legal entity where the current user works

    • ME.episode.managing_organization==token.client_id

      • in case of error return 409 "User is not allowed to perform actions with an episode that belongs to another legal entity"

...

API paragraph not found

HTTP status codes

HTTP status code

Message

What caused the error

 202

 

 

401

 

Access token validation failed

403

 

Invalid scope

404

 not found