Versions Compared

Old Version 3

changes.mady.by.user Kateryna Haleta (SoE eHealth)

Saved on

compared with

New Version Current

changes.mady.by.user Kateryna Haleta (SoE eHealth)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

SubjectValidator13. Inform Authorize with

Validate value in the field $.inform_with authorize_with, string, optional.

  • Check that authentication method with type = 'THIRD_PERSON' is submitted in $.authorize_with for person(Composition.subject) that must be authorized by confidant person using following logic:

    1. persons age < no_self_registration_age global parameter;

    2. persons age between no_self_registration_age and person_full_legal_capacity_age global parameters and person does not have document with type from PERSON_LEGAL_CAPACITY_DOCUMENT_TYPES config parameter;

    3. persons age > person_full_legal_capacity_age global parameter and exists at least one active and approved confidant person relationship for person (using following process Check confidant person relationship with person_id = person_id from request - expected :ok, :approved response)

      1. in case of error - return 422 ('Authentication method with type THIRD_PERSON must be submitted for this person')

  • Check that $.inform_with is a valid uuid

    • in case error - return 422 ('string does not match pattern') with uuid regexp

  • Check that authentication method exists in MPI database, person_authentication_methods table (with is_active = true), belongs to the same patient as set in the create composition request, is active (ended_at > now() or ended_at is null) and type != NA

    • in case error - return 422 ('Authentication method doesn't exist, is inactive or does not belong to this person')

  • Get value of THIRD_PERSON_CONFIDANT_PERSON_RELATIONSHIP_CHECK config parameter, if it is set to true - for authentication method with type = ‘THIRD_PERSON’ check that person from value is an approved confidant for a patient from create composition request – exists active and approved confidant person relationship between person from request and person_id from authentication method value (using following logic: Check confidant person relationship with person_id = person_id from request and confidant_person_id = value from auth method - expected :ok, :approved response)

    1. in case of error - return 422 ('Authentication method doesn't exist, is inactive or does not belong to this person' 'Auth method is not active or confidant person relationship is invalid')