Table of Contents |
---|
...
- Verify the validity of access token
- in case of error return 401 ('Access denied')
- Check user scope activity_type:write in order to perform this action
- in case of error generate 403 response ('Invalid scopes')
Request validation
Note: All IDs, submitted as PK, should be unique for eHealth.
...
- Validate signature
- Extract signer Certificate details
Validate encoded signed content according to JSON Schema
- Return 422 with list of validation errors in case validation fails
Validate Legal Entity
- Check that legal_entities.is_active = true and legal_entities.status = active for current legal entity
- in case of error return 409 - "legal entity is not active"
- token.Client_id must match current legal entity
- in case of error return 422
- EDRPOU for token.client_id must match EDRPOU $.legal_entity.edrpou
- in case of error return 422
Validate Tax ID
- Check that EDRPOU in Certificate details exists and not empty
- Check that EDRPOU in Certificate details is valid according to ^[0-9]{8,10}$
- Check that EDRPOU in Certificate details is equal to $.legal_entity.edrpou
- In case validation fails - generate 422 error
- If EDRPOU in Certificate details is empty check that DRFO exists and not empty
- Check that DRFO in Certificate details is valid according to ^[0-9]{9,10}$
- Check that DRFO in Certificate details is equal to $.legal_entity.edrpou
- In case validation fails - generate 422 error
- In case EDRPOU and DRFO is empty return error 422, msg "EDRPOU and DRFO is empty in digital sign"
Validate Licenses
- Validate $.license.id as unique
- Search for current legal entity license in prm.licenses where is_active = true and id = $.license.id
- If record is found then check that its type = $.license.type
- in case validation fails - generate ???
- If record is found then check that its type = $.license.type
Validate Activity Type
- Validate $.activity_type.id as unique
- Check $.activity_type.activity_type license obligation and license type needed (via configuration)
- If license is a must:
- check that $.activity_type.license_id is not empty
- in case validation fails - generate ???
- check that license with $.activity_type.license_id exists in payload and $.license.type is of needed type OR (license with $.activity_type.license_id exists in prm.licenses for current legal entity and prm.licenses.expiry_date is empty or more than today AND prm.licenses.type is of needed type)
- in case validation fails - generate ???
- check that $.activity_type.license_id is not empty
- If license is a must:
- Search for current legal entity activity type in prm.activity_types where is_active=true and type = $.activity_type.type
- If record is found then check that its id is equal to $.activity_type.id
- in case validation fails - generate ???
- If record is found then check that its id is equal to $.activity_type.id
Validate Licenses
...
Processing
- Search for current legal entity license in prm.licenses where is_active = true and id = $.license.id
- if record is found update it
- Note: type is not updated
- if record is not found create new record
- set nhs_verified = false
- if record is found update it
- Search for current legal entity license activity type in prm.licenses activity_types where is_active = true and type id = $.license.type
- If record is found then check that its id is equal to $.license.id
...
- activity_type.id
- If record is found update it
- Note: type is not updated
- if record is not found create new record
- set nhs_verified = false
- If record is found update it
- Find contracts by contractor_legal_entity_id for current legal entity where status='VERIFIED' AND ops.contracts.type corresponding to activity_type
- set ops.contracts.is_suspended=true
ops.contracts.type to activity_type mapping:
https://zube.io/edenlabllc/e-health/c/5969
capitation_activity_types: PRIMARY_CARE,reimbursement_activity_types: PHARMACY
- Save signed_content to Media Storage
- Save data to corresponding collections in DBs
- Save link to the signed content to the activity type
...