Versions Compared

Old Version 4

changes.mady.by.user Anzhela Kovalenko (SoE eHealth)

Saved on

compared with

New Version 5

changes.mady.by.user Anzhela Kovalenko (SoE eHealth)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
REST API method / Метод REST API (настанова) (
Info
Info

REST API method / Метод REST API (настанова) (remove the link block before publishing the document)

...

Page Properties
idpage_properties_method_REST API

Document type

Метод REST API

Document title

[Document status] REST API [Назва методу] [ID методу]

Guideline ID

GUI-0011

Author

@

Document version

1

Document status

DRAFT

Date of creation

ХХ.ХХ.ХХХХ (дата фінальної версії документа – RC або PROD)

Date of update

ХХ.ХХ.ХХХХ (дата зміни версії)

Method API ID

API-005-004-002-0079

Microservices (namespace)

IL

Component

Declarations

Component ID

COM-005-004

Link на API-специфікацію

https://ehealthmisapi1.docs.apiary.io/#reference/public.-medical-service-provider-integration-layer/declaration-requests/sign-declaration-request-v3

Resource

{{host}}/api/v3/declaration_requests/{{id}}/actions/sign

Scope

declaration_request:sign

Protocol type

REST

Request type

PATCH

Sync/Async

Sync

Public/Private

Public

Purpose

Describe the purpose of the API method, add Key points (if necessary)

Logic

Service logic

  1. Only authenticated and authorized user can use this service

  2. Only APPROVED declaration request can be signed

  3. The request can be signed only by the employee who works in the same legal entity in which the request was made.

Configuration parameters

Description of the configuration parameters that are used when processing a request in the system

Dictionaries

Provides a list of links to dictionaries that are available in Confluence

Input parameters

...

parameters

 89678f60-4cdc-4fe3-ae83-e8b3ebd35c59

Input parameter

Mandatory

Type

Description

Example

1

composition_id

 M

String ($uuid) (path)

Composition object ID

2

Request structure

See on API-specification (посилання на сторінку з API-специфікацією)Description of the REST API request structure, example

Expand
titleExample
Code Block

Headers

...

...

Value

...

Mandatory

...

Description

Example

...

Content-Type

...

application/json

...

M

...

Тип контенту

...

Content-Type:application/json

...

Authorization

...

Bearer c2778f3064753ea70de870a53795f5c9

...

M

...

Перевірка користувача

...

Code Block
Headers
Key
Value
Mandatory
Description
Example
1
2
3
Request data validation
Digital signature
Digital signature validation is different depending on channel
  • for channel PIS and status APPROVED there must be 2 signatures - one for patient and one for doctor
  • for channel MIS and status APPROVED there must be only 1 doctor’s signature
Decode content that is encrypted in an electronic digital signature.
Use Digital signature WS. Method checks digital signature(s) and returns result.
See service specification
Validate patient’s signature
This validation must be done in different ways depending on context:
  • if request is done by person itself (There is no confidant person in data_to_be_signed data_to_be_signed.person.confidant_person (or is nil)) - we must check that signer DRFO matches with person tax_id or document
  • if request is done by confidant person (There is confidant person in data_to_be_signed data_to_be_signed.person.confidant_person) - we must check that signer DRFO matches with confidant person tax_id or document
Request is done by person
  1. Check that DRFO in Certificate details exists and not empty
  2. Check that DRFO in Certificate details is equal to Person’s tax_id
    1. Get person_id from token
    2. Get Person details using person_id
    3. Compare DRFO in Certificate with person.tax_id
      1. Convert DRFO and TAX_ID to uppercase
      2. Compare DRFO and TAX_ID as Cyrillic letters
      3. Convert DRFO to Cyrillic and compare as Cyrillic letters
    4. In case validation fails - generate 422 error
Request is done by confidant person
  1. Check that DRFO in Certificate details exists and not empty
  2. Check that DRFO in Certificate details is equal to Confidant Person’s tax_id
    1. Get confidant_person from data_to_be_signed.person
    2. Compare DRFO in Certificate with person.tax_id
      1. Convert DRFO and TAX_ID to uppercase
      2. Compare DRFO and TAX_ID as Cyrillic letters
      3. Convert DRFO to Cyrillic and compare as Cyrillic letters
    3. In case validation fails - generate 422 error
Validate doctor’s signature
...
  1. Change entity status in IL_DB.declaration_request to SIGNED
  2. Set status_reason:
    1. If channel = MIS - set status_reason to doctor_signed
    2. If channel = PIS - set status_reason to doctor_approved_over_limit
  3. Set updated_at - now() (Get current date-time)
  4. Set updated_by - user_id (Extract user from token)
...
Response structure examples
See on API-specification (посилання на сторінку з API-специфікацією)
Description of the REST API response structure, example
 Expand
titleExample
 Code Block
...
COMPOSITION_NOT_FOUND_404UnauthorizedOnly for active MPI record can be created medication request!
Response code
HTTP Status code
Message
Internal name
Description
1
Базові
2
1000
404
Composition not found
Не знайдено медичний висновок
3
401
Помилка підтвердження
4
Специфічні
5
422
Post-processing processes
Description of actions performed on data after processing
Technical modules where the method is used
List of pages describing technical modules where the method is used
 Page Properties Report
headingsID ТМ, Статус
cqllabel = "tr-mis"
...