| Table of Contents |
|---|
Introduction
Web service "Submit Activity Type Package" allows to transmit new or update existing activity type, its related data and legal entity licenses to in e-Health system . in one call. Activity types are created/updated one by one.
Specification
TBC
Validation
...
- Verify the validity of access token
- in case of error return 401 ('Access denied')
- Check user scope activity_type:write in order to perform this action
- in case of error generate 403 response ('Invalid scopes')
Request validation
Note: All IDs, submitted as PK, should be unique for eHealth.
Validate digital signature
- Validate signature
- Extract signer Certificate details
Validate encoded signed content according to JSON Schema
- Return 422 with list of validation errors in case validation fails
Validate Legal Entity
- Check that legal_entities.is_active = true and legal_entities.status = active for current legal entity
- in case of error return 409 - "legal entity is not active"
- token.Client_id must match current legal entity
- in case of error return 422
- EDRPOU for token.client_id must match EDRPOU $.legal_entity.edrpou
- in case of error return 422
Validate Tax ID
- Check that EDRPOU in Certificate details exists and not empty
- Check that EDRPOU in Certificate details is valid according to ^[0-9]{8,10}$
- Check that EDRPOU in Certificate details is equal to $.legal_entity.edrpou
- In case validation fails - generate 422 error
- If EDRPOU in Certificate details is empty check that DRFO exists and not empty
- Check that DRFO in Certificate details is valid according to ^[0-9]{9,10}$
- Check that DRFO in Certificate details is equal to $.legal_entity.edrpou
- In case validation fails - generate 422 error
- In case EDRPOU and DRFO is empty return error 422, msg "EDRPOU and DRFO is empty in digital sign"
Validate Owner
- Check that one of token.user_id employees is OWNER of current legal_entity
- in case validation fails - generate ???
...