Table of Contents |
---|
...
Validations
Authorization
- Verify the validity of access token
- Return (401, 'unauthorized') in case of validation fails
- Verify that token is not expired
- in case of error - return (401, 'unauthorized')
- Check user scopes in order to perform this action (scope = 'service_request:use')
- Return (403, 'invalid scopes') in case of invalid scope(s)
...
- Get service request by ID
- Service request must be active
- $.status == "active"
- in case of error return 409 "Invalid service request status"
- $.status == "active"
- Service request must be unused
- $.used_by is empty object
- in case of error return 409 "Service request is already used"
- $.used_by is empty object
Validate employee
Employee to whom service request is assigned must belong to the same legal entity as the requestor
- Get token metadata
- Extract user_id, client_id, client_type
- Ensure that employee belongs to client
- $.used_by.identifier.type.coding[*].system == "eHealth/resources"
- $.used_by.identifier.type.coding[*].code == "employee"
- $.used_by.identifier.value must belong to client_id (prm.employees.legal_entity_id == :client_id)
- in case of error return 422 "You can assign service request only to employee within your legal entity"
- Check employee_type - only DOCTOR can use service request
- employee_type == DOCTOR
- in case of error, return 422 "Invalid employee type. Only doctor can use service request"
- employee_type == DOCTOR
Validate medical program
- validate by json schema
- validate id is real medical program in prm and type='SERVICE'
- in case error return 422, "Medical program with id $id is not found"
- validate medical program is_active=true
- in case error return 422, "Medical program with id $id is not active"
Qualify service request
- if medical program exists in request
- invoke qualify for medical program in in use request
- if not exists
- invoke qualify in SR
Service logic
- Update service request attributes
- Set Medical Events DB: service_requests[<id>].used_by = Request: $.used_by
- if medical program exists in request
- Set Medical Events DB: service_requests[<id>].medical_program = Request: $.medical_program.identifier.value