approve_request.graphml

Specification

Apiary

Service logic

  1. Only an authenticated and authorized user can use this service.
  2. Only a NEW patient request can be activated.
  3. The request can be activated only by an employee who works in the same legal entity in which the request was made.

Validate request

  1. Validate the request using the JSON schema
    1. If validation fails, generate a 422 error
JSON Schema
{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "type": "object",
  "properties": {
    "verification_code": {
      "type": "string"
    }
  },
  "required": [
    "verification_code"
  ],
  "additionalProperties": false
}


Authorize user

  1. Verify the validity of access token
    1. Return 401 in case validation fails
  2. Check

...

  1. scopes in order to perform this action
  1. In case of error, generate a 401 response

...

  1. (scope = 'patient_request:write')
    1. Return 403 in case of invalid scope(s)

Get patient request details

Get declaration request from IL_DB.personpatient_request

Determine authorization method

Get authentication_method from IL_DB.personpatient_request

SELECT IL_DB.personpatient_request.authentication_method
FROM   IL_DB.personpatient_request
WHERE IL_DB.personpatient_request.id = :id

If authentication_method is NULL, return an error

...

Invoke verification module to verify OTP

OTP Verification

Change

...

patient request

...

  1. Change the entity status in IL_DB.personpatient_request to APPROVED
  2. Set updated_at to now() (current date-time)
  3. Set updated_by to user_id (extracted from the token)
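
The checks above, arranged as one gate in the order the specification lists them. This is an added example, not the service's own code. The token and request field names, the verify_otp callback, the 200 on success and every status code after the scope check are assumptions, because the page does not give them.

```python
from datetime import datetime, timezone

REQUIRED_SCOPE = "patient_request:write"  # scope named on the page

def body_matches_schema(body):
    # Hand-written equivalent of the page's JSON Schema: exactly one
    # property, verification_code, of type string; no additional properties.
    return (isinstance(body, dict) and set(body) == {"verification_code"}
            and isinstance(body["verification_code"], str))

def approve(body, token, request, verify_otp):
    """Return (http_status, payload). token and request are plain dicts with
    assumed field names; verify_otp stands in for the verification module."""
    if not body_matches_schema(body):
        return 422, "request body failed schema validation"
    if token is None or not token.get("valid"):
        return 401, "invalid access token"
    if REQUIRED_SCOPE not in token.get("scopes", ()):
        return 403, "invalid scope(s)"
    # Object-level checks use the stored record, never client-supplied values.
    # Status codes from here on are assumed; the page does not specify them.
    if request["legal_entity_id"] != token["legal_entity_id"]:
        return 403, "request was made in another legal entity"
    if request["status"] != "NEW":
        return 409, "only a NEW patient request can be approved"
    if request["authentication_method"] is None:
        return 409, "authentication_method is NULL"
    if not verify_otp(request, body["verification_code"]):
        return 403, "OTP verification failed"
    # Return an updated copy; updated_by comes from the token, not the body.
    return 200, {**request, "status": "APPROVED",
                 "updated_at": datetime.now(timezone.utc),
                 "updated_by": token["user_id"]}

# Constructed sample data, not taken from a real system.
TOKEN = {"valid": True, "scopes": ["patient_request:write"],
         "user_id": "u-1", "legal_entity_id": "le-1"}
REQUEST = {"id": "r-1", "status": "NEW", "legal_entity_id": "le-1",
           "authentication_method": "OTP"}

def otp_ok(request, code):
    return code == "1234"  # constructed stand-in for the OTP check

if __name__ == "__main__":
    print(approve({"verification_code": "1234"}, TOKEN, REQUEST, otp_ok))
```

The legal-entity comparison is what stops an employee with a valid token and the right scope from approving a request that belongs to another organization.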