...

1. Verify the validity of access token
   
   1. Return 401 in case validation fails
2. Check scopes in order to perform this action (scope = 'patientperson_request:write')
   1. Return 403 in case invalid scope(s)

...

Decode content that is encrypted in an electronic digital signature.
Use Digital signature WS. Method checks digital signature and returns result.
See service specification

Validate DRFO

1. Check that DRFO in Certificate details exists and not empty
2. Check that DRFO in Certificate details is equal to DRFO in Party
   1. Get party.tax_id using employee_id in person payload
   2. Compare DRFO in Certificate with party.tax_id
      1. Convert DRFO and TAX_ID to uppercase
      2. Compare DRFO and TAX_ID as Cyrillic letters
      3. Convert DRFO to Cyrillic and compare as Cyrillic letters
   3. In case validation fails - generate 422 error

...

Patient request can be signed by any employee with necessary scopes in equal legal_entity_id.

1. Check that ID in URL exists in the system
   1. Return 401 in case validation fails
2. Check that patient request belongs to the same legal entity as the user
   1. In case of error - return 403

Check "patient_signed" flag

• If "patient_signed" is not present in request, return 422 ("required property patient_signed was not present")
• If "patient_signed"=false in request, return 422 ("value is not allowed in enum")

...

1. Change entity status in IL_DB.patient_request to SIGNED

2. Set updated_at - now() (Get current date-time)

3. Set updated_by - user_id (Extract user from token)

Create person

After singed patient request create new person on DB.mpi.

Calculate the end date of the person_aus_method and set as default

These params set only if person is creating (so after Create person request)

If person has auth_method = third_person, add in table person_auth_methods row with type = THIRD_PERSON, value = id (third_person_id), alias

...

End date:

...

...