Page Comparison

Purpose

This WS is designed to unblock previously blocked Medication request with indicating block_reason and block_reason_code by Pharmacy user.

Key points

1. Only authenticated and authorized user with appropriate scope and ‘PHARMACIST’ employee type can unblock Medication request.

2. In the response of this endpoint legal entity, division and employee details are trimmed.

3. Medication request can be unblocked only if it was previously blocked.

4. Medication request can be unblocked only from ‘ACTIVE' status.

Specification

Apiary

Authorization

1. Verify the validity of access token

   • in case of error - return 401 (“Invalid access token”) in case of validation fails

2. Verify that token is not expired

   • in case of error - return 401 (“Invalid access token”)

3. Check user scopes in order to perform this action (scope = 'medication_request:unblock_pharm')

   • return 403 (“Your scope does not allow to access this resource. Missing allowances: medication_request:unblock”unblock_pharm”) in case of invalid scope(s)

Validations

Validate request

• Validate request using JSON schema

  • in case of error - return 422

Validate Medication request

• Get Medication request identifier from the URL. Check Medication request exists in OPS DB

  • in case of error - return 404 ("Medication request does not exist")

Validate user

• Medication Request unblocking is allowed for user if he has

...

• active and approved employee

...

• is an author of the Medication request Request (medication_request.employee_id)

• has an approval on write Care plan if Medication Request based on the Care plan (medication_request.based_on)

• is Med_Admin from legal entity where Medication Request is created with employee_type = ‘PHARMACIST’

  • in case of error - return 409 ("Only pharmacist can unblock medication request")

• Check if user is from the same legal entity as legal_entity in $.medication_requests.blocked_by_legal_entity_id :

  1. client_id from token = $.medication_requests.blocked_by_legal_entity_id.

     1. in case of error - return

  409 ("Only an author, employee with approval on care plan or med_admin from the same legal entity can unblock medication request")

  1. 1. 422 “Only an employee of the legal_entity where the medication request was blocked can unblock it“

Validation transition

• Get Medication request by $.id in OPS DB. Check that Medication request status = ‘ACTIVE’

  • in case of error - return 409 ("Medication request must be in active status")

• Get Medication request by $.id in OPS DB. Check that Medication request is blocked, i.e. is_blocked = trueblocked: blocked_to > now() (datetime)

  • in case of error - return 409 ("Medication request is already unblocked")

Validate block reason code

Validate $.block_reason_system should be “MEDICATION_REQUEST_UNBLOCK_REASON”

...

• Validate $.block_reason_code is a value from MEDICATION_REQUEST_UNBLOCK_REASON dictionary

  • in case of error - return 422 ("value is not allowed in enum")

• Check that $.block_reason_code is present in <EMPLOYEE_TYPE>_MEDICATION_REQUEST_UNBLOCK_REASON_CODES chart parameter for validated user

  • in case of error - return 422 ("Block reason code is not allowed for <employee_type>")

Validate legal entity type

• Validate type of legal entity which is related to blocking <> NHS. Using ops.medication_requests.(by $.id).block_legal_entity_id check in prm.legal_entities.type by id = block_legal_entity_id.

  • in case of error - return 422 ("It is not allowed to unblock medication request, which is blocked by NHS")

Service logic

1. Update Medication request in OPS DB:

   1. set isblocked_blocked to =  falsenull

   2. set blockblocked_reason_system = $.block_reason_systemby_legal_entity_id = null

   3. set block_reason_code = $.block_reason_code

   4. set block_reason = $.block_reasonnull

   5. set updated_by = user_id

   6. set updated_at = now()

   7. set block_legal_entity_id = legal entity id out of token

   Send SMS for person

   1. If Medication request has program with medical program setting medication_request_notification_disabledrequest_notification_disabled = true, then don't send SMS.

      Else:

      Get

2. Check SMS is needed:

   1. If $.block_reason_code=PRODUCTION_CANCEL:

      1. If authorize_with exists in medication request and is not empty, check:

         1. Authentication method exists in person_authentication_methods table in MPI DB (with is_active=true), is active (ended_at > now() or null)

         2. Get value of THIRD_PERSON_CONFIDANT_PERSON_RELATIONSHIP_CHECK config parameter, if it is set to true - for authentication method with type = THIRD_PERSON check that person from value is an approved confidant for a person from medication request – exists active and approved confidant person relationship between person from request and confidant_person_id from authentication method value (using following logic: https://e-health-ua.atlassian.net/wiki/spaces/PCAB/pages/17415995422/Check+confidant+person+relationship?search_id=93a57738-17bc-495d-9fe4-671722c2ac7a with person_id = person from request and confidant_person_id = value from auth method) - expected :ok, :approved response)

            1. in case any validation failed - do not send SMS to person

            2. else - get authentication_method from authorize_with

      2. If authorize_with does not exist in medication request or is empty - get authentication_method of person from MPI

      3. If authentication_method == OTP, then send SMS to a person from Medication request:

         1. Generate SMS text

            1. get template from unblock_template_sms parameter

            2. enrich template with data from Medication request

         2. Send SMS to a person

   2. Else $.block_reason_code is not PRODUCTION_CANCEL or Medication request has program with medical program setting request_notification_disabled = true - don't send SMS

3. Add new record in Event manager: