Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

...

  1. Use service request

Validations

Authorization

  • Verify the validity of access token
    • Return (401, 'unauthorized') in case of validation fails
  • Verify that token is not expired
    • in case of error - return (401, 'unauthorized')
  • Check user scopes in order to perform this action (scope = 'service_request:use')
    1. Return (403, 'invalid scopes') in case of invalid scope(s)

...

  • Check legal entity type: it has to be in me_allowed_transactions_le_types config parameter, has status = active and nhs_verified = trueactive 
    • in case of error return 409 "Action is not allowed for the legal entity"

...

  1. Get service request by ID
  2. Service request must be active
    1. $.status  == "active"
      1. in case of error return 409 "Invalid service request status"
  3. Service request must be unused
    1. $.used_by_legal_enity is empty object
      1. in case of error return 409 "Service request is already used"

Validate request

  1. Get token metadata
    1. Extract user_id, client_id, client_type
  2. Ensure that employee belongs to client
    1. $.used_by.identifier.type.coding[*].system == "eHealth/resources"
    2. $.used_by.identifier.type.coding[*].code == "employee"
    3. $.used_by.identifier.value must belong to client_id (prm.employees.legal_entity_id == :client_id)
      1. in case of error return 422 "You can assign service request only to employee within your legal entity"
  3. Check employee_type - only DOCTOR can use service request
    1. employee_type == DOCTOR
      1. in case of error, return 422 "Invalid employee type. Only doctor can use service request"
  4. Validate used_by_legal_entity is a current legal_entity
    1. $.used_by_legal_entity.identifier.value==token.client_id
      1. in case of error return 409 "You can assign service request only to your legal entity"
  5. Validate program according to Pre-Qualify rules.
    1. If program was not present in the service request and was not submitted in the request return 409 "Service request without a program cannot be used"
    2. Else validate
    3. it is an existing service program (type=service)
      1. in case not found or is_active==false return 422  "Program not found"
      2. in case type!= service return 422 "Invalid program type"
    4.  service(or service_group) is an active member of the program
      1. Select request_allowed, is_active from PRM.program_services where service_id(or group_id) == $.signed_content.code.identifier.value and program_id=$.program.identifier.value
        1. if not found or is_active==false return 422 "Service is not included in the program"
        2. if request_allowed==false return 422 "Service request is not allowed for this service(service_group) in this programm"

Service logic

  1. Update service request attributes
  2. Change program_processing_status to `in_queue`