Table of Contents |
---|
Purpose
This WS is designed to mark in error previously created Device request in case it was entered in error.
Specification
Apiaryhttps://medicaleventsmisapi.docs.apiary.io/#reference/device-requests/mark-in-error-device-request/mark-in-error-device-request
Authorization
Verify the validity of access token
in case of error - return 401 (“Invalid access token”) in case of validation fails
Verify that token is not expired
in case of error - return 401 (“Invalid access token”)
Check user scopes in order to perform this action (scope = 'device_request:mark_in_error')
return 403 (“Your scope does not allow to access this resource. Missing allowances: device_request:mark_in_error”) in case of invalid scope(s)
If BLOCK_UNVERIFIED_PARTY_USERS is true, then check party's data match following condition: verification_status != NOT_VERIFIED or (verification_status = NOT_VERIFIED and updated_at > current_date - UNVERIFIED_PARTY_PERIOD_DAYS_ALLOWED):
in case not match - return 403 ("Access denied. Party is not verified")
If BLOCK_DECEASED_PARTY_USERS is true, check that party is not deceased (party_verification record does not equal to: dracs_death_verification_status = VERIFIED and dracs_death_verification_reason = MANUAL_CONFIRMED):
in case of error - return 403 ("Access denied. Party is deceased")
Validations
Validate request
...
Validate request is signed
in case of error - return 400 (“Invalid signed content”)
Check DS is valid and not expired
Validate that DS belongs to the user
Check that DRFO from DS and party.tax_id matches
in case of error - return 422 (“Does not match the signer drfo“)
Validate user
Marking in error a Device Request is allowed for a user if he has one of the following active and approved employee that:
is an Employee from legal entity where Device Request is created
in case of error - return 409 ("Only an employee from legal entity where device request is created can mark it in error")
Validate transition
Get current device request status
Check that status != “entered_in_error”
in case of error - return 409 error ('Device request in status entered_in_error cannot be marked in error')
For more information look at [UPD] Device request status model.
Validate status reason
Validate $.status_reason.code is a value from device_request_mark_in_error_reasons dictionary
in case of error - return 422 ("value is not allowed in enum")
...
Save signed content to media storage
Update device request status to entered-in-error (update also updated_at, updated_by)
Get person's authentication_method of MPI
If authentication_method == OTP or THIRD_PERSON (with OTP),:
Check if sms notifications are enabled:
if device_request has a program specified
check that the specified program has setting
request_notification_disabled
set in false or the setting is absent, else
if device_request has no program specified
check config parameter
DEVICE_REQUESTS_SMS_ENABLED
is set in true
Generate text SMS with template
MARK_IN_ERROR_DEVICE_REQUEST_SMS_TEMPLATE
and send itSave internal information to corresponding DB
Send
StatusChangeEvent
to the Event Manager