Versions Compared

Old Version 6

changes.mady.by.user Anzhela Kovalenko (SoE eHealth)

Saved on

compared with

New Version 7

changes.mady.by.user Anastasiia Prokhorova (SoE eHealth)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

REST API method / Метод REST API (настанова) /wiki/spaces/EN/pages/17591304241 (remove the link block before publishing the document)

...

Properties of a REST API method document

Document type

Метод REST API

Document title

[Document status] REST API [Назва методу] [ID методу]

Guideline ID

GUI-0011

Author

@

Document version

1

Document status

DRAFT

Date of creation

ХХ.ХХ.ХХХХ (дата фінальної версії документа – RC або PROD)

Date of update

ХХ.ХХ.ХХХХ (дата зміни версії)

Method API ID

API-010-001-005-0375

Microservices (namespace)

MPI

Component

Master Patient Index

Component ID

COM-010-001

Link на API-специфікацію

https://ehealthmisapi1.docs.apiary.io/#reference/public.-medical-service-provider-integration-layer/person-requests/create/update-person-request

Resource

{{host}}/api/person_requests

Scope

person_request:write

Protocol type

REST

Request type

POST

Sync/Async

Sync

Public/Private

Public

...

Input parameter

Mandatory

Type

Description

Example

1

composition_id

 M

String ($uuid) (path)

Composition object ID

 89678f60-4cdc-4fe3-ae83-e8b3ebd35c59

2

 

 

 

 

 

Request structure

See on API-specification

...

  1. Verify the validity of access token

    1. Return (401, 'Invalid access token') in case of validation fails

  2. Verify that token is not expired

    1. in case of error - return (401, 'Invalid access token')

  3. Check user scopes in order to perform this action (scope = 'person_request:write')

    • Return (403, 'Your scope does not allow to access this resource. Missing allowances: person_request:write') in case of invalid scope(s)

  4. validate client_id belongs to legal_entity with type in ('MSP', 'OUTPATIENT', 'EMERGENCY', 'PRIMARY_CARE')

    1. Return (401, 'Invalid legal entity type') in case of validation fails

  5. If BLOCK_UNVERIFIED_PARTY_USERS is true, then check party's data match following condition: verification_status != NOT_VERIFIED or (verification_status = NOT_VERIFIED and updated_at <= current_date - UNVERIFIED_PARTY_PERIOD_DAYS_ALLOWED):

    1. in case not match - return 403 ("Access denied. Party is not verified")

  6. If BLOCK_DECEASED_PARTY_USERS is true, check that party is not deceased (party_verification record does not equal to: dracs_death_verification_status = VERIFIED and dracs_death_verification_reason = MANUAL_CONFIRMED):

    1. in case of error - return 403 ("Access denied. Party is deceased")

  7. validate user belongs to employee with type in "Doctor, Specialist, Receptionist, Assistant"

    1. in case error return 409

Headers

Key

Value

Mandatory

Description

Example

1

Content-Type

application/json

Тип контенту

Content-Type:application/json

2

Authorization

Bearer {{access_token}}

Перевірка користувача

Authorization:Bearer {{access_token}}

3

 api-key

 {{secret}}

 

 Секретний ключ

 api-key:{{secret}}

...

  1. issued_at, issued_by is mandatory for documents

  2. Validate dates

    1. issued_at <= now() and issued_at => birth_date

      1.  in case `issued_at > now()` show error 422, "Document issued date should be in the past"

      2.  in case `issued_at < person.birth_date` show error 422, "Document issued date should greater than person.birth_date "

    2. expiration_date > now()

      1.  in case error show 422, "Document expiration_date should be in future"

      2. expiration_date is mandatory for document_type

        • NATIONAL_ID

        • COMPLEMENTARY_PROTECTION_CERTIFICATE

        • PERMANENT_RESIDENCE_PERMIT

        • REFUGEE_CERTIFICATE

        • TEMPORARY_CERTIFICATE

        • TEMPORARY_PASSPORT

      3. in case error return 422, "expiration_date is mandatory for document_type $.documents.type"

  3. Validate documents_type.number according to json schema 

    1. PASSPORT - `^((?![ЫЪЭЁ])([А-ЯҐЇІЄ])){2}[0-9]{6}$`

    2. NATIONAL_ID - `^[0-9]{9}$`

    3. BIRTH_CERTIFICATE - `^((?![ЫЪЭЁыъэё@%&$^#`~:,.*|}{?!])[A-ZА-ЯҐЇІЄ0-9№\\/()-]){2,25}$`

    4. COMPLEMENTARY_PROTECTION_CERTIFICATE - `^((?![ЫЪЭЁ])([А-ЯҐЇІЄ])){2}[0-9]{6}$`

    5. REFUGEE_CERTIFICATE - `^((?![ЫЪЭЁ])([А-ЯҐЇІЄ])){2}[0-9]{6}$`

    6. TEMPORARY_CERTIFICATE - `^(((?![ЫЪЭЁ])([А-ЯҐЇІЄ])){2}[0-9]{4,6}|[0-9]{9}|((?![ЫЪЭЁ])([А-ЯҐЇІЄ])){2}[0-9]{5}\\/[0-9]{5})$`

    7. TEMPORARY_PASSPORT - `^((?![ЫЪЭЁыъэё@%&$^#`~:,.*|}{?!])[A-ZА-ЯҐЇІЄ0-9№\\/()-]){2,25}$`

  4. if unzr exists and is not null, check pattern match "^[0-9]{8}-[0-9]{5}$"

    1. in case error return 422, msg 'string does not match pattern \"%{pattern}\"'

  5. if documents.type=NATIONAL_ID

    1. check if unzr exists in request, in case error return 422, msg "unzr is mandatory for document type NATIONAL_ID"

  6. Document numbersmaxLength < 25 

...

Each link is generated for one one-page document in .pdf, .jpg, .png, .bmp format. Document should be no more than 20 MB. For each type of documents, if couple of rules worked - only one single link is generated.

  1. Validate flag no_tax_id, if $.person_request.person.no_tax_id = true:

    1. Generate URL with type person.no_tax_id

  2. Validate if $.person_request.person.tax_id is not empty and $.person_request.person.no_tax_id = false then

    1. If (GetBirthDateFromTaxId($.tax_id) != $.birth_date) or (GetGenderFromTaxId($.tax_id) != $.gender) or CheckValidity($.tax_id) = false (i.e. invalid checksum) then

      • Generate URL with type person.tax_id

  3. Validate block confidant person. If person.confidant is not null:

    1. Generate URL's with type confidant_person.{confidant_person.type}.{$.person_request.person.confidant_person.[:].documents_relationship.[:].type}

    2. Generate URL's with type confidant_person.{confidant_person.type}.{$.person_request.person.confidant_person.[:].documents_person.[:].type}

  4. Validate block of person documents. If one of the documents has document.type = BIRTH_CERTIFICATE_FOREIGN and there is no same document in {$.person_request.person.confidant_person.[:].documents_relationship.[:]}

    and age < no_self_auth_age then

    1. Generate URL with type person.{$.person_request.person.documents.[with type BIRTH_CERTIFICATE_FOREIGN].type}

  5. Validate block of person documents. If one of the documents has document.type = PERMANENT_RESIDENCE_PERMIT and age >= no_self_auth_age then

    1. Generate URL with type person.{$.person_request.person.documents.[with type PERMANENT_RESIDENCE_PERMIT].type}

  6. Validate authentication_method. If authentication method = OFFLINE or third_person (and this third_person.auth_method = OFFLINE) - 

    1. Generate URL's with type person.{$.person_request.person.documents.[:].type} (or Generate URL's with type third_person.{$.third_person.documents.[:].type})

  7. Validate unzr. If $.person_request.person.unzr is not empty and first 8 digits of $.person_request.person.unzr != $.person_request.person.birth_date then

    1. Generate URL with type person.{$.person_request.person.unzr}

Invoke Media Content Storage to generate upload URL for each document obtained by executing logic above

...

Update person’s data with empty value of the second name is possible by setting second_name = null.

Authorize

  1. Verify the validity of access token

  2. Check user scope person_request:write in order to perform this action

Request data validation

Validate request

...

Each link is generated for one one-page document in jpeg format. Document should be no more than 10MB. For each type of documents only one single link is generated.

  1. Validate flag no_tax_id, if $.person_request.person.no_tax_id = true:

    1. Generate URL with type person.no_tax_id

  2. Validate if $.person_request.person.tax_id is not empty and $.person_request.person.no_tax_id = false then

    1. If (GetBirthDateFromTaxId($.tax_id) != $.birth_date) or (GetGenderFromTaxId($.tax_id) != $.gender) or CheckValidity($.tax_id) = false (i.e. invalid checksum) then

      • Generate URL with type person.tax_id

  3. Validate block confidant person. If person.confidant is not null:

    1. Generate URLs with type confidant_person.{confidant_person.type}.{$.person_request.person.confidant_person.[:].documents_relationship.[:].type}

    2. Generate URLs with type confidant_person.{confidant_person.type}.{$.person_request.person.confidant_person.[:].documents_person.[:].type}

  4. Validate block of person documents. If one of the documents has document.type = BIRTH_CERTIFICATE_FOREIGN and there is no same document in {$.person_request.person.confidant_person.[:].documents_relationship.[:]}

    and age < no_self_auth_age then

    1. Generate URL with type person.{$.person_request.person.documents.[with type BIRTH_CERTIFICATE_FOREIGN].type}

  5. Validate block of person documents. If one of the documents has document.type = PERMANENT_RESIDENCE_PERMIT and age >= no_self_auth_age then

    1. Generate URL with type person.{$.person_request.person.documents.[with type PERMANENT_RESIDENCE_PERMIT].type}

  6. Validate authentication_method. If authentication method = OFFLINE or third_person (and this third_person.auth_method = OFFLINE) - 

    1. Generate URLs with type person.{$.person_request.person.documents.[:].type} (or Generate URL's with type third_person.{$.third_person.documents.[:].type})

  7. Validate unzr. If $.person_request.person.unzr is not empty and first 8 digits of $.person_request.person.unzr != $.person_request.person.birth_date then

    1. Generate URL with type person.{$.person_request.person.unzr}

Code Block
{
   "documents":[
      {
         "type":"person.no_tax_id",
         "url": "https://storage.googleapis.com/..."
      }
   ]
}

...

Response code

HTTP Status code

Message

Internal name

Description

1

Базові

2

201

Response

3

401

Invalid access token

4

401

Invalid legal entity type

5

403

Access denied. Party is not verified

6

403

Your scope does not allow to access this resource. Missing allowances: person_request:write

7

409

Invalid legal entity type

8

409

Such person can't be updated. Deduplication update score is lower than system value (less changes should be made)

9

409

Such person exists. Update this person

10

 

422

Confidant person is mandatory for children

 

11

422

Cannot be confirmed by a method with type= NA. Use a different method.

12

422

Document expiration_date should be in future

13

422

Document issued date should be in the past

14

422

Document issued date should greater than person.birth_date

15

422

Expiration_date is mandatory for document_type $.documents.type

16

422

Incorrect person age for such an action

17

422

Required property %{property} was not present

18

422

Required property patient_signed was not present

19

422

Schema does not allow additional properties

20

422

String does not match pattern ...

21

422

Such person doesn't exist

22

422

Such a phone already exists more N times

23

422

Such authentication method doesn't exist

24

422

Such authentication method does not belong to this person

25

422

This phone number is present more then $.global_parameters.phone_number_auth_limit times in the system

26

422

Unverified phone number

27

422

Unzr is mandatory for document type NATIONAL_ID

28

422

Unzr or birthdate are not correct

29

422

Value is not allowed in enum

30

Специфічні

31

 

422

Only for active MPI record can be created medication request!

 

 

Post-processing processes

Description of actions performed on data after processing

Technical modules where the method is used

List of pages describing technical modules where the method is used

Название

ID ТМ

Статус

/wiki/spaces/ESOZ/pages/17378181218

TM0112

/wiki/spaces/YK/pages/17837688354

...