Table of Contents |
---|
...
Check that at least one address record with
type = 'RESIDENCE'
is submittedin case of error - return 422 ('one and only one residence address is required')
Validate necessity of confidant person
A block with information about confidant person must be transferred when the person is created.
New endpoints /wiki/spaces/CSI/pages/17613291561 Confidant Persons technical specification must be used to manage list of persons confidants.
Expand | ||||
---|---|---|---|---|
| ||||
|
In case if persons age < no_self_registration_age global parameter - check that confidant_person is submitted
in case of error - return 422 ('Confidant person is mandatory for children.')
In caseif persons age is greater then no_self_registration_age global parameter, but less then person_full_legal_capacity_age global parameter:
if none of persons documents has type from PERSON_LEGAL_CAPACITY_DOCUMENT_TYPES config parameter - check that confidant_person is submitted
In case of error - return 422 ('Confidant person is mandatory for minor patients.')
Else if at least one of submitted person document types exist in PERSON_LEGAL_CAPACITY_DOCUMENT_TYPES config parameter - check that confidant_person is not submitted
in case of error - return 422 ('Confidant can not be submitted for person who has document that proves legal capacity.')
Validate confidant person
Confidant person must be validated only if $.person.confidant_person
block is presented in the request:
Check that confidant_person.person_id exists in persons table (MPI DB) with status = active and is_active = true
in case of error - return 422 ('Confidant person is not found')
Check if confidant person itself shouldn’t be authorized by confidant - so it doesn’t correspond to following rules:
confidant persons age < no_self_registration_age global parameter;
confidant persons age between no_self_registration_age and person_full_legal_capacity_age global parameters and person does not have document with type from PERSON_LEGAL_CAPACITY_DOCUMENT_TYPES config parameter;
confidant persons age > person_full_legal_capacity_age global parameter and exists at least one active and approved confidant person relationship for person (using following process Check confidant person with
person_id
=$.person.confidant_person.person_id
from request - expected:ok, :approved
response)confidant person has at least one confidant person in persons.confidant_person array
in case of error - return 422 ('Person with incorrect age or with active confidant person relationship can not be submitted as confidant')
Check that confidant person cumulative verification status is not in NOT_ALLOWED_CONFIDANT_PERSON_VERIFICATION_STATUSES config parameter
in case of error - return 422 ('Person with cumulative verification status <person.verification_status> can not be submitted as confidant')
Check that confidant person has active authentication method with type = OTP
in case of error - return 422 ('Confidant person must have active authentication method with type "OTP"')
Validate confidant persons
documents_relationship
Validate document
issued_at
dateCheck that issued_at <= now()
in case of error - return 422 ('Document issued date should be in the past')
Check that issued_at => person.birth_date
in case of error - return 422 ('Document issued date should greater than person.birth_date')
Validate document
active_to
dateCheck that active_to > now()
in case error - return 422 ('Document active_to should be in future')
Validate document
type
according to DOCUMENT_RELATIONSHIP_TYPEdictionaryIn case of error - return 422 ('value is not allowed in enum')
Validate document
number
according to regexp (as part of JSON Schema validation)BIRTH_CERTIFICATE -
^((?![ЫЪЭЁыъэё@%&$^#`~:,.*|}{?!])[A-ZА-ЯҐЇІЄ0-9№\\/()-]){2,25}$
In case of error - return 422 ('string does not match pattern') with the corresponding regexp
other document type numbers should be validated according to format varchar (255)
in case of error - return 422 ('expected value to have a maximum length of 255 but was <<document_number_length>>')
Validate person documents
Check submitted person document types exist in PERSON_REGISTRATION_DOCUMENT_TYPES config parameter that contains values from DOCUMENT_TYPE dictionary
in case of error - return 422 ('Submitted document type is not allowed')
Check document types from PERSON_LEGAL_CAPACITY_DOCUMENT_TYPES config parameter (that prove persons legal capacity) are not submitted if persons age is less then no_self_registration_age global parameter or greater then person_full_legal_capacity_age global parameter
in case of error - return 422 ('<Document type> can not be submitted for this person') with first found document type
If at least one document type from PERSON_LEGAL_CAPACITY_DOCUMENT_TYPES config parameter is submitted, check that at least one document type from PERSON_REGISTRATION_DOCUMENT_TYPES is submitted
in case of error - return 422 ('Document that proves personal data must be submitted.')
Validate document
issued_at
dateCheck that issued_at <= now()
in case of error - return 422 ('Document issued date should be in the past')
Check that issued_at => person.birth_date
in case of error - return 422 ('Document issued date should greater than person.birth_date')
Validate document
expiration_date
Check that expiration_date > now()
in case error - return 422 ('Document expiration_date should be in future')
Check that expiration_date exists for following document types:
NATIONAL_ID
COMPLEMENTARY_PROTECTION_CERTIFICATE
PERMANENT_RESIDENCE_PERMIT
REFUGEE_CERTIFICATE
TEMPORARY_CERTIFICATE
TEMPORARY_PASSPORT
in case error - return 422 ('expiration_date is mandatory for document_type $.documents.type')
Validate document
number
according to regexp (as part of JSON Schema validation)PASSPORT -
^((?![ЫЪЭЁ])([А-ЯҐЇІЄ])){2}[0-9]{6}$
NATIONAL_ID -
^[0-9]{9}$
BIRTH_CERTIFICATE -
^((?![ЫЪЭЁыъэё@%&$^#`~:,.*|}{?!])[A-ZА-ЯҐЇІЄ0-9№\\/()-]){2,25}$
COMPLEMENTARY_PROTECTION_CERTIFICATE -
^((?![ЫЪЭЁ])([А-ЯҐЇІЄ])){2}[0-9]{6}$
REFUGEE_CERTIFICATE -
^((?![ЫЪЭЁ])([А-ЯҐЇІЄ])){2}[0-9]{6}$
TEMPORARY_CERTIFICATE -
^(((?![ЫЪЭЁ])([А-ЯҐЇІЄ])){2}[0-9]{4,6}|[0-9]{9}|((?![ЫЪЭЁ])([А-ЯҐЇІЄ])){2}[0-9]{5}\\/[0-9]{5})$
TEMPORARY_PASSPORT -
^((?![ЫЪЭЁыъэё@%&$^#`~:,.*|}{?!])[A-ZА-ЯҐЇІЄ0-9№\\/()-]){2,25}$
CHILD_BIRTH_CERTIFICATE -
^((?![ЫЪЭЁыъэё@%&$^#`~:,.*|}{?!])[A-ZА-ЯҐЇІЄ0-9№\\/()-]){2,25}$
MARRIAGE_CERTIFICATE -
^((?![ЫЪЭЁыъэё@%&$^#`~:,.*|}{?!])[A-ZА-ЯҐЇІЄ0-9№\\/()-]){2,25}$
DIVORCE_CERTIFICATE -
^((?![ЫЪЭЁыъэё@%&$^#`~:,.*|}{?!])[A-ZА-ЯҐЇІЄ0-9№\\/()-]){2,25}$
in case of error - return 422 ('string does not match pattern') with the corresponding regexp
If
unzr
exists and is not null, check that it matches pattern -^[0-9]{8}-[0-9]{5}$
in case of error - return 422 ('string does not match pattern') with the corresponding regexp
If document with
type
NATIONAL_ID exists in request, check thatunzr
exists in requestin case of error - return 422 ('unzr is mandatory for document type NATIONAL_ID')
Check that document types NATIONAL_ID and PASSPORT both do not exist in request
in case of error - return 422 ('Person can have only new passport NATIONAL_ID or old PASSPORT.')
Check that document types BIRTH_CERTIFICATE or BIRTH_CERTIFICATE_FOREIGN are submitted if persons age < no_self_auth_age global parameter
in case of error - return 422 ('Documents should contain one of: BIRTH_CERTIFICATE, BIRTH_CERTIFICATE_FOREIGN.')
Check that document
number
length < 255in case of error - return 422 ('expected value to have a maximum length of 255 but was <<document_number_length>>')
...
Check that only one authentication method is submitted for person
in case of error - return 422 ('expected a maximum of 1 items but got <<count_authentication_method_objects>>')
In case if
person.confidant_person
block is notempty:Check that submitted
authentication_methods
record hastype = 'THIRD_PERSON'
in case of error - return 422 ('Only THIRD_PERSON authentication method can be created for person')
Check that THIRD_PERSON is the same person who is submitted as confidant (
authentication_methods[0].value = confidant_person[0].person_id
)in case of error - return 422 ('Confidant person must be submitted as THIRD_PERSON for authentication method')
Check that THIRD_PERSON is found less than third_person_limit global parameter value in the system (in table person_authentication_methods with value = authentication_methods[0].value& ended_at іs empty or > now() & type = THIRD_PERSON)
in case of error - return 422 ('This fiduciary person is present more than $.global_parameters.third_person_limit times times in the system')
Else if
person.confidant_person
block is empty:Check that submitted
authentication_methods
block contains record withtype = 'OTP'
ortype = 'OFFLINE'
in case of error - return 422 ('Only OTP or OFFLINE authentication method can be created for person')
For authentication method with type = ‘OTP’ perform following phone number limit validation only if USE_PHONE_NUMBER_AUTH_LIMIT config parameter is set to
true
:check that phone number from persons authentication method is found less than phone_number_auth_limit global parameter in the system (in table person_authentication_methods with phone_number = $.person.authentication_methods.[0].phone_number & ended_at іs empty or > now() & type = OTP)
in case of error - return 409 ('This phone number is present more then $.global_parameters.phone_number_auth_limit times in the system')
...
Validate block confidant person. If
$.person.confidant_person
is not null:Generate URLs with type
confidant_person.{confidant_person.person_id}.documents_relationship.[:].{type}
Validate block of person documents. If one of the documents has document.type = BIRTH_CERTIFICATE_FOREIGN and there is no same document in {$.person_request.person.confidant_person.[:].documents_relationship.[:]}
and persons age < no_self_auth_age global parameter then
Generate URL with type
person.BIRTH_CERTIFICATE_FOREIGN
Validate block of person documents. If one of the documents has document.type = PERMANENT_RESIDENCE_PERMIT and persons age >= no_self_auth_age global parameter then
Generate URL with type
person.PERMANENT_RESIDENCE_PERMIT
Validate block of authentication methods. If authentication method type = OFFLINE
Generate URLs with type
person.{$.person.documents.[:].type}
for each persons document
Validate persons unzr. If
$.person.unzr
is not empty and first 8 digits of$.person.unzr != $.person.birth_date
Generate URL with type
person.unzr
...
id = autogenerate uuid
person_data =
$.person
from request in json formatstatus = NEW
authentication_method_current = type for auth method that is used to authorize request (set phone_number for type OTP or THIRD_PERSON with type OTP)
channel = MIS
legal_entity_id = client_id from token (id of legal entity where person request is created)
tax_id =
$.person.tax_id
from request (if not null)last_name =
$.person.last_name
from requestfirst_name =
$.person.first_name
from requestbirth_date =
$.person.birth_date
from requestdocuments = generated links for documents upload (if needed)
person_documents =
$.person.documents
from request in json formatinserted_by = user_id from token
updated_by = user_id from token
inserted_at = now()
updated_at = now()
patient_signed =
$.patient_signed
from requestprocess_disclosure_data_consent =
$.process_disclosure_data_consent
from requestversion = 2
Generate verification code
...
Check that
$.person.id
is a valid uuidin case error - return 422 ('string does not match pattern') with uuid regexp
Check that person exists in persons table (MPI DB) with status = active and is_active = true
in case error - return 422 ('such person doesn't exist’)
Check that amount of changes of person data in request is acceptable (person is not updated too much). Compare updated person data with data from person request using existing /wiki/spaces/CSI/pages/17612898385 deduplication model - check that resulted comparison score is greater that PERSON_ONLINE_DEDUPLICATION_UPDATE_SCORE config parameter
in case of error - return 409 ('Such person can't be updated. Deduplication update score is lower than system value (less changes should be made)')
...
The person can pass the id of his auth method which he wants to use to confirm the update person request. The necessary auth method can be found by making Get person's auth methods.
Check that
$.authorize_with
with auth_method.type = 'THIRD_PERSON' is submitted for person that must be authorized by confidant person using following logic:persons age < no_self_registration_age global parameter;
persons age between no_self_registration_age and person_full_legal_capacity_age global parameters and person does not have document with type from PERSON_LEGAL_CAPACITY_DOCUMENT_TYPES config parameter;
persons age > person_full_legal_capacity_age global parameter and exists at least one active and approved confidant person relationship for person (using following process /wiki/spaces/CSI/pages/17667883028 Check confidant person relationship with
person_id
= person from request - expected:ok, :approved
response)in case of error - return 422 ('Authentication method with type THIRD_PERSON must be submitted for this person')
Check that
$.authorize_with
is a valid uuidin case error - return 422 ('string does not match pattern') with uuid regexp
Check that auth method exists in MPI database,
person_authentication_methods
table, belongs to person from request, stored in$.person.id
, is active (ended_at > now() or ended_at is null and is_active = true), and type != NA, additionally for auth method with type = ‘THIRD_PERSON’ - check that person from value is an approved confidant for a$.person.id
from request – exists active and approved confidant person relationship between person from request and person_id from authentication method value (using following logic: /wiki/spaces/CSI/pages/17667883028 cess Check confidant person relationship withperson_id
= person from request andconfidant_person_id
= value from auth method - expected:ok, :approved
response)in case error - return 409 ('Authentication method doesn't belong to person.')
...
id = autogenerate uuid
person_data =
$.person
from request in json formatstatus = NEW
authentication_method_current = calculated authentication method current for request (set phone_number for type OTP or THIRD_PERSON with type OTP)
channel = MIS
legal_entity_id = client_id from token (id of legal entity where person request is created)
tax_id =
$.person.tax_id
from request (if not null)last_name =
$.person.last_name
from requestfirst_name =
$.person.first_name
from requestbirth_date =
$.person.birth_date
from requestdocuments = generated links for documents upload (if needed)
person_documents =
$.person.documents
from request in json formatinserted_by = user_id from token
updated_by = user_id from token
inserted_at = now()
updated_at = now()
patient_signed =
$.patient_signed
from requestprocess_disclosure_data_consent =
$.process_disclosure_data_consent
from requestperson_data_id =
$.person.id
from requestauthorize_with =
$.authorize_with
from request (if not null)version = 2
Generate verification code
...