Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

...

...

...

...

...

...

...

...

...

...

...

This WS is designed to change status of contract request to DECLINED by NHS ADMIN SIGNER. NHS employee can change status of contract request through Admin portal. If NHS Admin wants to decline contract request he/she need to enter a reason.

Design

TBD

Specification

apiary

json schema

Request

  • status_reason

Validation

Validate token

  • Verify the validity of access token
    • Return 401 in case validation fails
  • Check if token is not expired
    • in case error return 401 - "Token is expired"

Validate user

extract user_id from token

extract client_id from token

  • Check if user is active
    • in case error return 403 - (user is not active)
  • check nhs_legal_entity is active
    • in case error return 403 - (Client is not active)
  • Check user role = "NHS ADMIN SIGNER"
    • in case error return 403 "User is not allowed to perform this action"

Validate scopes

  • Check user scopes in order to perform this action (scope = 'contract_requests:update')
    • Return 403 in case invalid scope(s) "Your scope does not allow to access this resource. Missing allowances: contract_requests:update"

Digital signature

Decode content that is encrypted in an electronic digital signature.
Use Digital signature WS. Method checks digital signature and returns result.

Validate EDRPOU

  1. Check that EDRPOU in Certificate details exists and not empty
    1. in case of error return 422 error ('Invalid EDRPOU in DS')
  2. Check that EDRPOU in Certificate details is equal to EDPOU in legal entity
    1. Get client_id from token.
    2. Find prm.legal_entities id by client_id
    3. Compare EDRPOU in Certificate with legal_entities.edrpou
    4. In case validation fails - generate 422 error
  3. Check that SURNAME in Certificate details is equal to LAST_NAME in Party
    1. Get user_id → user_parties.party_id → parties.last_name and compare to surname from DS
      1. Convert prm.parties.LAST_NAME and Certificate details.SURNAME to uppercase
      2. Compare prm.parties.LAST_NAME and Certificate details.SURNAME as Cyrillic letters
      3. In case validation fails - generate 422 error

Validate request

  1. Check that all fields are present in signed content
    1. "id"
    2. "contractor_legal_entity":
      1. "id"
      2. "name"
      3. "edrpou"
    3. "next_status"
    4. "status_reason"
    5.  "text"
  2. Check next_status='DECLINED'
  3. Validate contract request id.
    1. Check contract_requests.id = $.id
      1. in case error return 404 ("Contract request with id=$id doesn't exist")
  4. Validate contractor_legal_entity_id
    1. Legal_entities.id = $.contractor_legal_entity.id and Legal_entities.status='ACTIVE' and is_active=true,
      1. in case error return 422 ("Legal entity in contract request should be active")
    2. $contractor_legal_entity.edrpou in request=prm.legal_entities.edrpou
    3. $contractor_legal_entity.name in request=prm.legal_entities.name

Validate contract request status

  • Check contract_request.status=IN_PROCESS
    • in case error return 422 - "Incorrect status of contract_request to modify it"

Response

mapping

...

Save signed contract request to media storage

Get url for contract request upload.

...

Parameter

...

Source

...

Add status to event manager

After status was changed (status = APPROVED, DECLINED, TERMINATED, NHS_SIGNED or SIGNED) - add new status to event_manager

...

field

...

value

...

Table of Contents
minLevel1
maxLevel3

Purpose

This WS is designed to change status of contract request to DECLINED by NHS ADMIN SIGNER. NHS employee can change status of contract request through Admin portal. If NHS Admin wants to decline contract request he/she need to enter a reason

Specification

Page Properties

Link

https://ehealthmisapi1.docs.apiary.io/#reference/public.-contracts/contract-request/private.-decline-contract-request-by-nhs

Resource

/api/contract_requests/{{id}}/actions/decline

Scope

contract_request:update

Components

Contracts

Microservices

API paragraph not found

Protocol type

REST

Request type

PATCH

Sync/Async

Sync

Public/Private/Internal

Private

Logic

Contract request only in status IN_RPOCESS could be declined. To decline contract next fields must be signed by NHS employee and sent by same NHS employee in base64 format (all fields below are required): In DS EDRPOU/DRFO must be equal to contractor_legal_entity.edrpou

Code Block
{
"id":"09106b70-18b0-4726-b0ed-6bda1369fd52",
"contractor_legal_entity": {
      "id": "df9f70ee-4b12-4740-b0f5-bb5aea116863",
      "name": "Клініка Ноунейм",
      "edrpou": "32323454"
    },
"next_status": "DECLINED",
"status_reason": "Не відповідає попереднім домовленостям",
"text": "consent_text"
}

Input parameters

Input parameter

Values

Type

Description

Example

id

String

b075f148-7f93-4fc2-b2ec-2d81b19a9b7b

Request structure

See on Apiary

Example:

Expand
titleRequest example
Code Block
{
  "signed_content": "ew0KImlkIjoiMDkxMDZiNzAtMThiMC00NzI2LWIwZWQtNmJkYTEzNjlmZDUyIiwNCiJjb250cmFjdG9yX2xlZ2FsX2VudGl0eSI6IHsNCiAgICAgICJpZCI6ICJkZjlmNzBlZS00YjEyLTQ3NDAtYjBmNS1iYjVhZWExMTY4NjMiLA0KICAgICAgIm5hbWUiOiAi0JrQu9GW0L3RltC60LAg0J3QvtGD0L3QtdC50LwiLA0KICAgICAgImVkcnBvdSI6ICIzMjMyMzQ1NCINCiAgICB9LA0KInN0YXR1c19yZWFzb24iOiAi0J3QtSDQstGW0LTQv9C+0LLRltC00LDRlCDQv9C+0L/QtdGA0LXQtNC90ZbQvCDQtNC+0LzQvtCy0LvQtdC90L7RgdGC0Y/QvCINCiJ0ZXh0IjogInN0YXRpY190ZXh0Ig0KfQ==",
  "signed_content_encoding": "base64"
}

Authorize

Request to process the request using a token in the headers

Headers

  • Content-Type:application/json

  • Authorization:Bearer c2778f3064753ea70de870a53795f5c9

Validation data request

Validate request

  1. Check that all fields are present in signed content

    1. "id"

    2. "contractor_legal_entity":

      1. "id"

      2. "name"

      3. "edrpou"

    3. "next_status"

    4. "status_reason"

    5.  "text"

  2. Check next_status='DECLINED'

  3. Validate contract request id.

    1. Check contract_requests.id = $.id

      1. in case error return 404 ("Contract request with id=$id doesn't exist")

  4. Validate contractor_legal_entity_id

    1. Legal_entities.id = $.contractor_legal_entity.id and Legal_entities.status='ACTIVE' and is_active=true,

      1. in case error return 422 ("Legal entity in contract request should be active")

    2. $contractor_legal_entity.edrpou in request=prm.legal_entities.edrpou

    3. $contractor_legal_entity.name in request=prm.legal_entities.name

Validate token

  • Verify the validity of access token

    • Return 401 in case validation fails

  • Check if token is not expired

    • in case error return 401 - "Token is expired"

Validate user

extract user_id from token

extract client_id from token

  • Check if user is active

    • in case error return 403 - (user is not active)

  • check nhs_legal_entity is active

    • in case error return 403 - (Client is not active)

  • Check user role = "NHS ADMIN SIGNER"

    • in case error return 403 "User is not allowed to perform this action"

Validate scopes

  • Check user scopes in order to perform this action (scope = 'contract_requests:update')

    • Return 403 in case invalid scope(s) "Your scope does not allow to access this resource. Missing allowances: contract_requests:update"

Validate EDRPOU

  1. Check that EDRPOU in Certificate details exists and not empty

    1. in case of error return 422 error ('Invalid EDRPOU in DS')

  2. Check that EDRPOU in Certificate details is equal to EDPOU in legal entity

    1. Get client_id from token.

    2. Find prm.legal_entities id by client_id

    3. Compare EDRPOU in Certificate with legal_entities.edrpou

    4. In case validation fails - generate 422 error

  3. Check that SURNAME in Certificate details is equal to LAST_NAME in Party

    1. Get user_id → user_parties.party_id → parties.last_name and compare to surname from DS

      1. Convert prm.parties.LAST_NAME and Certificate details.SURNAME to uppercase

      2. Compare prm.parties.LAST_NAME and Certificate details.SURNAME as Cyrillic letters

      3. In case validation fails - generate 422 error

Validate DRFO

  1. Get parties.tax_id using party_users.party_id by user_id.

  2. Compare DRFO in Certificate with party.tax_id

    1. Convert DRFO and TAX_ID to uppercase

    2. Compare DRFO and TAX_ID as Cyrillic letters

    3. Convert DRFO to Cyrillic and compare as Cyrillic letters

  3. In case validation fails - generate 422 error

Validate contract request status

  • Check contract_request.status=IN_PROCESS

    • in case error return 422 - "Incorrect status of contract_request to modify it"

Digital signature

Decode content that is encrypted in an electronic digital signature.
Use Digital signature WS. Method checks digital signature and returns result.

Processing

Save signed contract request to media storage

  1. Get url for contract request upload.

Parameter

Source

action

'GET'

bucket

'CONTRACT_REQUEST'

resource_id

: CONTRACT_REQUEST_ID

resource_name

: CONTRACT_REQUEST_DECLINED

timestamp

:TIMESTAMP

  1. Upload signed declaration to media storage

Add status to event manager

After status was changed (status = APPROVED, DECLINED, TERMINATED, NHS_SIGNED or SIGNED) - add new status to event_manager

field

value

event_type

StatusChangeEvent

entity_type

Contract_request

entity_id

$.id

properties.status.new_value

$.status

event_time

$.update_at

changed_by

$.changed_by

Response structure

See on Apiary

Example:

Expand
titleResponse example
Code Block
{
  "meta": {
    "code": 201,
    "url": "https://example.com/resource",
    "type": "object",
    "request_id": "req-adasdoijasdojsda"
  },
  "data": {
    "id": "09106b70-18b0-4726-b0ed-6bda1369fd52",
    "contract_type": "CAPITATION",
    "contractor_legal_entity": {
      "id": "df9f70ee-4b12-4740-b0f5-bb5aea116863",
      "name": "Клініка Ноунейм",
      "edrpou": "32323454",
      "addresses": [
        {
          "type": "RESIDENCE",
          "country": "UA",
          "area": "Житомирська",
          "region": "Бердичівський",
          "settlement": "Київ",
          "settlement_type": "CITY",
          "settlement_id": "b075f148",
          "street_type": "STREET",
          "street": "вул. Ніжинська",
          "building": "15",
          "apartment": "23",
          "zip": "02090"
        }
      ]
    },
    "contractor_owner": {
      "id": "b075f148-7f93-4fc2-b2ec-2d81b19a9b7b",
      "party": {
        "first_name": "Петро",
        "last_name": "Іванов",
        "second_name": "Миколайович"
      }
    },
    "contractor_base": "на підставі закону про Медичне обслуговування населення",
    "contractor_payment_details": {
      "bank_name": "Банк номер 1",
      "MFO": "351005",
      "payer_account": "32009102701026"
    },
    "contractor_rmsp_amount": 50000,
    "contractor_divisions": [
      {
        "id": "2922a240-63db-404e-b730-09222bfeb2dd",
        "name": "Бориспільське відділення Клініки Ноунейм",
        "addresses": [
          {
            "type": "RESIDENCE",
            "country": "UA",
            "area": "Житомирська",
            "region": "Бердичівський",
            "settlement": "Київ",
            "settlement_type": "CITY",
            "settlement_id": "b075f148",
            "street_type": "STREET",
            "street": "вул. Ніжинська",
            "building": "15",
            "apartment": "23",
            "zip": "02090"
          }
        ],
        "phones": [
          {
            "type": "MOBILE",
            "number": "+380503410870"
          }
        ],
        "email": "email@example.com",
        "working_hours": {
          "mon": [
            [
              "08.00",
              "12.00"
            ],
            [
              "14.00",
              "18.00"
            ]
          ],
          "tue": [
            [
              "08.00",
              "12.00"
            ]
          ],
          "wed": [
            [
              "08.00",
              "12.00"
            ]
          ],
          "thu": [
            [
              "08.00",
              "12.00"
            ]
          ],
          "fri": [
            [
              "08.00",
              "12.00"
            ]
          ]
        },
        "mountain_group": false
      }
    ],
    "contractor_employee_divisions": [
      {
        "employee": {
          "id": "b075f148-7f93-4fc2-b2ec-2d81b19a9b7b",
          "party": {
            "first_name": "Петро",
            "last_name": "Іванов",
            "second_name": "Миколайович"
          },
          "speciality": {
            "speciality": "THERAPIST",
            "speciality_officio": true,
            "level": "FIRST",
            "qualification_type": "AWARDING",
            "attestation_name": "Академія Богомольця",
            "attestation_date": "2017-02-28",
            "valid_to_date": "2020-02-28",
            "certificate_number": "AB/21331"
          }
        },
        "staff_units": 0.5,
        "declaration_limit": 2000,
        "division_id": "2922a240-63db-404e-b730-09222bfeb2dd"
      }
    ],
    "external_contractor_flag": true,
    "external_contractors": [
      {
        "legal_entity": {
          "id": "b075f148-7f93-4fc2-b2ec-2d81b19a9b7b",
          "name": "Клініка Ноунейм"
        },
        "contract": {
          "number": "1234567",
          "issued_at": "2018-01-01",
          "expires_at": "2019-01-01"
        },
        "divisions": [
          {
            "id": "2922a240-63db-404e-b730-09222bfeb2dd",
            "name": "Бориспільське відділення Клініки Ноунейм",
            "medical_service": "Послуга ПМД"
          }
        ]
      }
    ],
    "id_form": "PMD_1",
    "nhs_signer": {
      "id": "b075f148-7f93-4fc2-b2ec-2d81b19a9b7b",
      "party": {
        "first_name": "Петро",
        "last_name": "Іванов",
        "second_name": "Миколайович"
      }
    },
    "nhs_legal_entity": {
      "id": "df9f70ee-4b12-4740-b0f5-bb5aea116863",
      "name": "Клініка Ноунейм",
      "edrpou": "32323454",
      "addresses": [
        {
          "type": "RESIDENCE",
          "country": "UA",
          "area": "Житомирська",
          "region": "Бердичівський",
          "settlement": "Київ",
          "settlement_type": "CITY",
          "settlement_id": "b075f148",
          "street_type": "STREET",
          "street": "вул. Ніжинська",
          "building": "15",
          "apartment": "23",
          "zip": "02090"
        }
      ]
    },
    "nhs_signer_base": "на підставі наказу",
    "nhs_contract_price": 50000,
    "nhs_payment_method": "BACKWARD",
    "status": "NEW",
    "status_reason": "Не відповідає попереднім домовленостям",
    "issue_city": "Київ",
    "contract_number": "0000-9EAX-XT7X-3115",
    "contract_id": "df9f70ee-4b12-4740-b0f5-bb5aea116863",
    "parent_contract_id": "22e416c4-5747-41cd-9f73-c3a85cdee885",
    "start_date": "2017-04-20",
    "end_date": "2017-04-20",
    "printout_content": "Contract request content",
    "previous_request_id": "df9f70ee-4b12-4740-b0f5-bb5aea116863",
    "assignee_id": "22e416c4-5747-41cd-9f73-c3a85cdee885"
  }
}

Expand
titleResponse example
Code Block
{
  "meta": {
    "code": 201,
    "url": "https://example.com/resource",
    "type": "object",
    "request_id": "req-adasdoijasdojsda"
  },
  "data": {
    "id": "09106b70-18b0-4726-b0ed-6bda1369fd52",
    "contract_type": "REIMBURSEMENT",
    "contractor_legal_entity": {
      "id": "df9f70ee-4b12-4740-b0f5-bb5aea116863",
      "name": "Клініка Ноунейм",
      "edrpou": "32323454",
      "addresses": [
        {
          "type": "RESIDENCE",
          "country": "UA",
          "area": "Житомирська",
          "region": "Бердичівський",
          "settlement": "Київ",
          "settlement_type": "CITY",
          "settlement_id": "b075f148",
          "street_type": "STREET",
          "street": "вул. Ніжинська",
          "building": "15",
          "apartment": "23",
          "zip": "02090"
        }
      ]
    },
    "contractor_owner": {
      "id": "b075f148-7f93-4fc2-b2ec-2d81b19a9b7b",
      "party": {
        "first_name": "Петро",
        "last_name": "Іванов",
        "second_name": "Миколайович"
      }
    },
    "contractor_base": "на підставі закону про Медичне обслуговування населення",
    "contractor_payment_details": {
      "bank_name": "Банк номер 1",
      "MFO": "351005",
      "payer_account": "32009102701026"
    },
    "id_form": "RMB-1",
    "nhs_signer": {
      "id": "b075f148-7f93-4fc2-b2ec-2d81b19a9b7b",
      "party": {
        "first_name": "Петро",
        "last_name": "Іванов",
        "second_name": "Миколайович"
      }
    },
    "nhs_legal_entity": {
      "id": "df9f70ee-4b12-4740-b0f5-bb5aea116863",
      "name": "Клініка Ноунейм",
      "edrpou": "32323454",
      "addresses": [
        {
          "type": "RESIDENCE",
          "country": "UA",
          "area": "Житомирська",
          "region": "Бердичівський",
          "settlement": "Київ",
          "settlement_type": "CITY",
          "settlement_id": "b075f148",
          "street_type": "STREET",
          "street": "вул. Ніжинська",
          "building": "15",
          "apartment": "23",
          "zip": "02090"
        }
      ]
    },
    "nhs_signer_base": "на підставі наказу",
    "nhs_contract_price": 50000,
    "nhs_payment_method": "BACKWARD",
    "status": "NEW",
    "status_reason": "Не відповідає попереднім домовленостям",
    "issue_city": "Київ",
    "contract_number": "0000-9EAX-XT7X-3115",
    "contract_id": "df9f70ee-4b12-4740-b0f5-bb5aea116863",
    "parent_contract_id": "22e416c4-5747-41cd-9f73-c3a85cdee885",
    "start_date": "2017-04-20",
    "end_date": "2017-04-20",
    "printout_content": "Contract request content",
    "previous_request_id": "df9f70ee-4b12-4740-b0f5-bb5aea116863",
    "assignee_id": "22e416c4-5747-41cd-9f73-c3a85cdee885",
    "medical_programs": [
      "3914a240-63db-404e-b730-09222bfeb2d0"
    ]
  }
}

Response mapping

field

value

status

DECLINED

status_reason

$.status_reason

updated_at

now()

updated_by

$.user_id

nhs_signer_id

$.user_id

nhs_legal_entity_id

$.client_id

Post-processing processes

API paragraph not found

HTTP status codes

HTTP status code

Message

What caused the error

 200