Table of Contents |
---|
...
- Verify the validity of access token
- in case of error return 401 ('Access denied')
- Check user scope activity_type:write in order to perform this action
- in case of error generate 403 response ('Invalid scopes')
Request validation
Note: All IDs, submitted as PK, should be unique for eHealth when creating new record
...
- Validate signature
- Extract signer Certificate details
Validate encoded signed content according to JSON Schema
- Return 422 with list of validation errors in case validation fails
Validate Legal Entity
- Check that legal_entities.is_active = true and legal_entities.status = active for current legal entity
- in case of error return 409 - "legal entity is not active"
- token.Client_id must match current legal entity
- in case of error return 422
- EDRPOU for token.client_id must match EDRPOU $.legal_entity.edrpou
- in case of error return 422
Validate Tax ID
- Check that EDRPOU in Certificate details exists and not empty
- Check that EDRPOU in Certificate details is valid according to ^[0-9]{8,10}$
- Check that EDRPOU in Certificate details is equal to $.legal_entity.edrpou
- In case validation fails - generate 422 error
- If EDRPOU in Certificate details is empty check that DRFO exists and not empty
- Check that DRFO in Certificate details is valid according to ^[0-9]{9,10}$
- Check that DRFO in Certificate details is equal to $.legal_entity.edrpou
- In case validation fails - generate 422 error
- In case EDRPOU and DRFO is empty return error 422, msg "EDRPOU and DRFO is empty in digital sign"
...
- Search for current legal entity license in prm.licenses where is_active = true and id = $.license.id
- if record is found update it
- Note: type is not update
- if record is not found create new record
- set nhs_verified = false
- if record is found update it
- Search for current legal entity activity type in prm.activity_types where is_active = true and id = $.activity_type.id
- If record is found update it
- Note: type is not updated
- if prm.activity_types.status <> active then set prm.activity_types.status = active, write to audit_log
- if record is not found create new record with status = active
- set nhs_verified = false
- If record is found update it
- Find contracts by contractor_legal_entity_id for current legal entity where status='VERIFIED' AND ops.contracts.type corresponding to activity_type (use ops.contracts.type to activity_type mapping described in
https://zube.io/edenlabllc/e-health/c/5969:
capitation_activity_types: PRIMARY_CARE,
reimbursement_activity_types: PHARMACY)
- set ops.contracts.is_suspended=true
- Save signed_content to Media Storage
- Save data to corresponding collections in DBs
- Save link to the signed content to the activity type
...