Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Оновлено відповідно до наданої вендором документації.

Table of Contents

Related information

(Deprected) IL.Sign declaration request

Required parameters are marked with "*"

...

Purpose*

This method is used to sign Declaration Request.

Specification*

...

Link

...

Apiary

Specification

Link

https://uaehealthapi.docs.apiary.io/#reference/public.-medical-service-provider-integration-layer/declaration-requests/sign-declaration-request-v3

Resource

/api/v3/declaration_requests/{{id}}/actions/sign

Scope

declaration_request:sign

Components

Необхідно зазначити перелік компонентів, які використовують цей метод, наприклад: ePrescription

Declarations

Using

Dictionaries

Потрібно вказати словники, які використовує метод API

Using Microservices

Вкажіть перелік мікросервісів, які використовує метод API. Наприклад: Auth, ABAC

Microservices

il/api

ops/api

Protocol type

Вкажіть тип протоколу, який використовується запитом, наприклад: SOAP |

REST

| JSON

Request type

PATCH

Sync/Async

Метод є синхронним чи асинхронним?

...

Sync

Public/Private/Internal

Public

The process is initiated by any employee with necessary scopes in this legal entity and involves the transfer of a signed person with electronic digital signature. 

Process is asynchronous. If all validations are successfully completed, the asynchronous process of creating a person starts by processing the message.

Service logic

  1. Only authenticated and authorized user can use this service

  2. Only APPROVED declaration request can be signed

  3. The request can be signed only by the employee who works in the same legal entity in which the request was made.

Method receives signed message (pkcs7) including signed content, digital signature and signer public key in signed_content property. All signature fields will be validated (including signer certificate authority).

This service will store signed copy of Declaration Request in Media Content Storage, create declaration if signature is all checks is passed.

Signed content MUST consists of JSON object with Declaration Request data from field data_to_be_signed. Object that need to be signed is returned by Get Declaration request by ID or Approve declaration request response, JSON.Path: $.data.data_to_be_signed. Patient must re-read and sign declaration print form and after that patient_signed should be changed to TRUE.

...

Authorize user

  1. Verify the validity of access token

    1. Return 401 in case validation fails

  2. Check scopes in order to perform this action (scope = 'declaration_request:sign

...

Important

Invoke Get Declaration Request by ID to obtain seed - Hash of previous block in declarations chain or other random component that should be signed with declaration.

There is a dummy method that describes the signed date example.

Preconditions

...

  1. ')

    1. Return 403 in case invalid scope(s)

Digital signature

Digital signature validation is different depending on channel

  • for channel PIS and status APPROVED there must be 2 signatures - one for patient and one for doctor

  • for channel MIS and status APPROVED there must be only 1 doctor’s signature

Decode content that is encrypted in an electronic digital signature.
Use Digital signature WS. Method checks digital signature(s) and returns result.
See service specification

Input parameters

...

Filter

...

Values

...

Type

...

Description

...

Example

...

 id

...

 

...

String

...

declaration ID

...

7f93-4fc2-b2ec-2d81b19a9b7b

Request structure*

See on Apiary

This request contains base64 coded content which was signed by digital sign. There is a dummy method that describes the signed date example.

Code Block
{
  "signed_declaration_request": "ewogICJpZCI6ICJiMDk5ZjE0OC03ZjkzLTRmYzItYjJlYy0yZDgxYjE5YTliN2IiLAogICJkZWNsYXJhdGlvbl9udW1iZXIiOiAiMDAwMC0xMkg0LTI0NUQiLAogICJkZWNsYXJhdGlvbl9pZCI6ICI4MzExYWI4Mi1lMzQxLTRkYTAtOGE5NS0yMzVlYzk4ODVlMjMiLAogICJzdGFydF9kYXRlIjogIjIwMTctMDMtMDIiLAogICJlbmRfZGF0ZSI6ICIyMDE3LTAzLTAyIiwKICAiY29udGVudCI6ICJEZWNsYXJhdGlvbiBjb250ZW50IiwKICAiY2hhbm5lbCI6ICJNSVMiLAogICJwZXJzb24iOiB7CiAgICAiaWQiOiAiNWZiNTdhNWQtMTQ1Ny00MzBlLTk2NzgtYzgxY2VjNzI3NzlmIiwKICAgICJmaXJzdF9uYW1lIjogItCf0LXRgtGA0L4iLAogICAgImxhc3RfbmFtZSI6ICLQhtCy0LDQvdC+0LIiLAogICAgInNlY29uZF9uYW1lIjogItCc0LjQutC+0LvQsNC50L7QstC40YciLAogICAgImJpcnRoX2RhdGUiOiAiMjAwOS0wNy0wNSIsCiAgICAiYmlydGhfY291bnRyeSI6ICLQo9C60YDQsNGX0L3QsCIsCiAgICAiYmlydGhfc2V0dGxlbWVudCI6ICLQktGW0L3QvdC40YbRjyIsCiAgICAiZ2VuZGVyIjogIk1BTEUiLAogICAgImVtYWlsIjogImVtYWlsQGV4YW1wbGUuY29tIiwKICAgICJub190YXhfaWQiOiBmYWxzZSwKICAgICJ0YXhfaWQiOiAiMzk5OTg2OTM5NCIsCiAgICAic2VjcmV0IjogInNlY3JldCIsCiAgICAiZG9jdW1lbnRzIjogWwogICAgICB7CiAgICAgICAgInR5cGUiOiAiQklSVEhfQ0VSVElGSUNBVEUiLAogICAgICAgICJudW1iZXIiOiAi0JDQkDEyMDUxOCIsCiAgICAgICAgImlzc3VlZF9ieSI6ICLQoNC+0LrQuNGC0L3Rj9C90YHRjNC60LjQvCDQoNCSINCT0KMg0JzQktChINCa0LjRl9Cy0YHRjNC60L7RlyDQvtCx0LvQsNGB0YLRliIsCiAgICAgICAgImlzc3VlZF9hdCI6ICIyMDE3LTAyLTI4IiwKICAgICAgICAiZXhwaXJhdGlvbl9kYXRlIjogIjIwMjctMDItMjgiCiAgICAgIH0KICAgIF0sCiAgICAiYWRkcmVzc2VzIjogWwogICAgICB7CiAgICAgICAgInR5cGUiOiAiUkVTSURFTkNFIiwKICAgICAgICAiY291bnRyeSI6ICJVQSIsCiAgICAgICAgImFyZWEiOiAi0JbQuNGC0L7QvNC40YDRgdGM0LrQsCIsCiAgICAgICAgInJlZ2lvbiI6ICLQkdC10YDQtNC40YfRltCy0YHRjNC60LjQuSIsCiAgICAgICAgInNldHRsZW1lbnQiOiAi0JrQuNGX0LIiLAogICAgICAgICJzZXR0bGVtZW50X3R5cGUiOiAiQ0lUWSIsCiAgICAgICAgInNldHRsZW1lbnRfaWQiOiAiYjA3NWYxNDgiLAogICAgICAgICJzdHJlZXRfdHlwZSI6ICJTVFJFRVQiLAogICAgICAgICJzdHJlZXQiOiAi0LLRg9C7LiDQndGW0LbQuNC90YHRjNC60LAiLAogICAgICAgICJidWlsZGluZyI6ICIxNSIsCiAgICAgICAgImFwYXJ0bWVudCI6ICIyMyIsCiAgICAgICAgInppcCI6ICIwMjA5MCIKICAgICAgfQogICAgXSwKICAgICJwaG9uZXMiOiBbCiAgICAgIHsKICAgICAgICAidHlwZSI6ICJNT0JJTEUiLAogICAgICAgICJudW1iZXIiOiAiKzM4MDUwMzQxMDg3MCIKICAgICAgfQogICAgXSwKICAgICJhdXRoZW50aWNhdGlvbl9tZXRob2RzIjogWwogICAgICB7CiAgICAgICAgInR5cGUiOiAiVEhJUkRfUEVSU09OIiwKICAgICAgICAidmFsdWUiOiAiKzM4MDUwODg4NzcwMCIsCiAgICAgICAgImFsaWFzIjogImh1c2JhbmQiCiAgICAgIH0KICAgIF0sCiAgICAidW56ciI6ICIyMDA5MDcwNS0wMDAxMSIsCiAgICAiZW1lcmdlbmN5X2NvbnRhY3QiOiB7CiAgICAgICJmaXJzdF9uYW1lIjogItCf0LXRgtGA0L4iLAogICAgICAibGFzdF9uYW1lIjogItCG0LLQsNC90L7QsiIsCiAgICAgICJzZWNvbmRfbmFtZSI6ICLQnNC40LrQvtC70LDQudC+0LLQuNGHIiwKICAgICAgInBob25lcyI6IFsKICAgICAgICB7CiAgICAgICAgICAidHlwZSI6ICJNT0JJTEUiLAogICAgICAgICAgIm51bWJlciI6ICIrMzgwNTAzNDEwODcwIgogICAgICAgIH0KICAgICAgXQogICAgfSwKICAgICJjb25maWRhbnRfcGVyc29uIjogWwogICAgICB7CiAgICAgICAgInJlbGF0aW9uX3R5cGUiOiAiUFJJTUFSWSIsCiAgICAgICAgImZpcnN0X25hbWUiOiAi0J/QtdGC0YDQviIsCiAgICAgICAgImxhc3RfbmFtZSI6ICLQhtCy0LDQvdC+0LIiLAogICAgICAgICJzZWNvbmRfbmFtZSI6ICLQnNC40LrQvtC70LDQudC+0LLQuNGHIiwKICAgICAgICAiYmlydGhfZGF0ZSI6ICIxOTcyLTEwLTI2IiwKICAgICAgICAiYmlydGhfY291bnRyeSI6ICLQo9C60YDQsNGX0L3QsCIsCiAgICAgICAgImJpcnRoX3NldHRsZW1lbnQiOiAi0JLRltC90L3QuNGG0Y8iLAogICAgICAgICJnZW5kZXIiOiAiTUFMRSIsCiAgICAgICAgInRheF9pZCI6ICIyNjU5NzE5MzUwIiwKICAgICAgICAic2VjcmV0IjogInNlY3JldCIsCiAgICAgICAgInVuenIiOiAiMTk5MDAxMDEtMDAwOTkiLAogICAgICAgICJwcmVmZXJyZWRfd2F5X2NvbW11bmljYXRpb24iOiAiZW1haWwiLAogICAgICAgICJkb2N1bWVudHNfcGVyc29uIjogWwogICAgICAgICAgewogICAgICAgICAgICAidHlwZSI6ICJQQVNTUE9SVCIsCiAgICAgICAgICAgICJudW1iZXIiOiAi0JDQkDEyMDUxOCIsCiAgICAgICAgICAgICJleHBpcmF0aW9uX2RhdGUiOiAiMjAyMS0wMi0yOCIsCiAgICAgICAgICAgICJpc3N1ZWRfYnkiOiAi0KDQvtC60LjRgtC90Y/QvdGB0YzQutC40Lwg0KDQkiDQk9CjINCc0JLQoSDQmtC40ZfQstGB0YzQutC+0Zcg0L7QsdC70LDRgdGC0ZYiLAogICAgICAgICAgICAiaXNzdWVkX2F0IjogIjIwMTctMDItMjgiCiAgICAgICAgICB9CiAgICAgICAgXSwKICAgICAgICAiZG9jdW1lbnRzX3JlbGF0aW9uc2hpcCI6IFsKICAgICAgICAgIHsKICAgICAgICAgICAgInR5cGUiOiAiQklSVEhfQ0VSVElGSUNBVEUiLAogICAgICAgICAgICAibnVtYmVyIjogItCQ0JAxMjA1MTgiLAogICAgICAgICAgICAiaXNzdWVkX2J5IjogItCg0L7QutC40YLQvdGP0L3RgdGM0LrQuNC8INCg0JIg0JPQoyDQnNCS0KEg0JrQuNGX0LLRgdGM0LrQvtGXINC+0LHQu9Cw0YHRgtGWIiwKICAgICAgICAgICAgImlzc3VlZF9hdCI6ICIyMDE3LTAyLTI4IgogICAgICAgICAgfQogICAgICAgIF0sCiAgICAgICAgInBob25lcyI6IFsKICAgICAgICAgIHsKICAgICAgICAgICAgInR5cGUiOiAiTU9CSUxFIiwKICAgICAgICAgICAgIm51bWJlciI6ICIrMzgwNTAzNDEwODcwIgogICAgICAgICAgfQogICAgICAgIF0sCiAgICAgICAgImVtYWlsIjogImVtYWlsbEBleGFtcGxlLmNvbSIKICAgICAgfQogICAgXSwKICAgICJwcmVmZXJyZWRfd2F5X2NvbW11bmljYXRpb24iOiAiZW1haWwiLAogICAgInBhdGllbnRfc2lnbmVkIjogdHJ1ZSwKICAgICJwcm9jZXNzX2Rpc2Nsb3N1cmVfZGF0YV9jb25zZW50IjogdHJ1ZQogIH0sCiAgImVtcGxveWVlIjogewogICAgImlkIjogImQyOTBmMWVlLTZjNTQtNGIwMS05MGU2LWQ3MDE3NDhmMDg1MSIsCiAgICAicG9zaXRpb24iOiAiUDYiLAogICAgInBhcnR5IjogewogICAgICAiaWQiOiAiYjA3NWYxNDgtN2Y5My00ZmMyLWIyZWMtMmQ4MWIxOWE5YjdiIiwKICAgICAgIm5vX3RheF9pZCI6IHRydWUsCiAgICAgICJmaXJzdF9uYW1lIjogItCf0LXRgtGA0L4iLAogICAgICAibGFzdF9uYW1lIjogItCG0LLQsNC90L7QsiIsCiAgICAgICJzZWNvbmRfbmFtZSI6ICLQnNC40LrQvtC70LDQudC+0LLQuNGHIiwKICAgICAgImVtYWlsIjogImVtYWlsQGV4YW1wbGUuY29tIiwKICAgICAgInBob25lcyI6IFsKICAgICAgICB7CiAgICAgICAgICAidHlwZSI6ICJNT0JJTEUiLAogICAgICAgICAgIm51bWJlciI6ICIrMzgwNTAzNDEwODcwIgogICAgICAgIH0KICAgICAgXQogICAgfQogIH0sCiAgImxlZ2FsX2VudGl0eSI6IHsKICAgICJuYW1lIjogItCa0LvRltC90ZbQutCwINCd0L7Rg9C90LXQudC8IiwKICAgICJzaG9ydF9uYW1lIjogItCd0L7Rg9C90LXQudC8IiwKICAgICJsZWdhbF9mb3JtIjogIjE0MCIsCiAgICAicHVibGljX25hbWUiOiAi0KbQn9Cc0KHQlCDihJYxIiwKICAgICJlZHJwb3UiOiAiNTQzMjM0NTQzMiIsCiAgICAibGljZW5zZXMiOiBbCiAgICAgIHsKICAgICAgICAibGljZW5zZV9udW1iZXIiOiAiZmQxMjM0NDMiLAogICAgICAgICJpc3N1ZWRfYnkiOiAi0JrQstCw0LvRltGE0ZbQutCw0YbQudC90LAg0LrQvtC80ZbRgdGW0Y8iLAogICAgICAgICJpc3N1ZWRfZGF0ZSI6ICIyMDE3LTAyLTI4IiwKICAgICAgICAiZXhwaXJ5X2RhdGUiOiAiMjAxNy0wMi0yOCIsCiAgICAgICAgImFjdGl2ZV9mcm9tX2RhdGUiOiAiMjAxNy0wMi0yOCIsCiAgICAgICAgIndoYXRfbGljZW5zZWQiOiAi0YDQtdCw0LvRltC30LDRhtGW0Y8g0L3QsNGA0LrQvtGC0LjRh9C90LjRhSDQt9Cw0YHQvtCx0ZbQsiIsCiAgICAgICAgIm9yZGVyX25vIjogItCS0JA0MzIzNCIKICAgICAgfQogICAgXSwKICAgICJhY2NyZWRpdGF0aW9uIjogewogICAgICAiY2F0ZWdvcnkiOiAiU0VDT05EIiwKICAgICAgImlzc3VlZF9kYXRlIjogIjIwMTctMDItMjgiLAogICAgICAiZXhwaXJ5X2RhdGUiOiAiMjAxNy0wMi0yOCIsCiAgICAgICJvcmRlcl9ubyI6ICJmZDEyMzQ0MyIsCiAgICAgICJvcmRlcl9kYXRlIjogIjIwMTctMDItMjgiCiAgICB9LAogICAgImFkZHJlc3NlcyI6IFsKICAgICAgewogICAgICAgICJ0eXBlIjogIlJFU0lERU5DRSIsCiAgICAgICAgImNvdW50cnkiOiAiVUEiLAogICAgICAgICJhcmVhIjogItCW0LjRgtC+0LzQuNGA0YHRjNC60LAiLAogICAgICAgICJyZWdpb24iOiAi0JHQtdGA0LTQuNGH0ZbQstGB0YzQutC40LkiLAogICAgICAgICJzZXR0bGVtZW50IjogItCa0LjRl9CyIiwKICAgICAgICAic2V0dGxlbWVudF90eXBlIjogIkNJVFkiLAogICAgICAgICJzZXR0bGVtZW50X2lkIjogImIwNzVmMTQ4IiwKICAgICAgICAic3RyZWV0X3R5cGUiOiAiU1RSRUVUIiwKICAgICAgICAic3RyZWV0IjogItCy0YPQuy4g0J3RltC20LjQvdGB0YzQutCwIiwKICAgICAgICAiYnVpbGRpbmciOiAiMTUiLAogICAgICAgICJhcGFydG1lbnQiOiAiMjMiLAogICAgICAgICJ6aXAiOiAiMDIwOTAiCiAgICAgIH0KICAgIF0sCiAgICAicGhvbmVzIjogWwogICAgICB7CiAgICAgICAgInR5cGUiOiAiTU9CSUxFIiwKICAgICAgICAibnVtYmVyIjogIiszODA1MDM0MTA4NzAiCiAgICAgIH0KICAgIF0sCiAgICAiZW1haWwiOiAiZW1haWxAZXhhbXBsZS5jb20iLAogICAgImlkIjogImIwNzVmMTQ4LTdmOTMtNGZjMi1iMmVjLTJkODFiMTlhOWI3YiIKICB9LAogICJkaXZpc2lvbiI6IHsKICAgICJpZCI6ICJkMjkwZjFlZS02YzU0LTRiMDEtOTBlNi1kNzAxNzQ4ZjA4NTEiLAogICAgImxlZ2FsX2VudGl0eV9pZCI6ICJjOGFhZGI4Ny1lY2I5LTQxY2EtOWFkNC1mZmRmZTFkZDg5YzkiLAogICAgIm5hbWUiOiAi0JHQvtGA0LjRgdC/0ZbQu9GM0YHRjNC60LUg0LLRltC00LTRltC70LXQvdC90Y8g0JrQu9GW0L3RltC60Lgg0J3QvtGD0L3QtdC50LwiLAogICAgImFkZHJlc3NlcyI6IFsKICAgICAgewogICAgICAgICJ0eXBlIjogIlJFU0lERU5DRSIsCiAgICAgICAgImNvdW50cnkiOiAiVUEiLAogICAgICAgICJhcmVhIjogItCW0LjRgtC+0LzQuNGA0YHRjNC60LAiLAogICAgICAgICJyZWdpb24iOiAi0JHQtdGA0LTQuNGH0ZbQstGB0YzQutC40LkiLAogICAgICAgICJzZXR0bGVtZW50IjogItCa0LjRl9CyIiwKICAgICAgICAic2V0dGxlbWVudF90eXBlIjogIkNJVFkiLAogICAgICAgICJzZXR0bGVtZW50X2lkIjogImIwNzVmMTQ4IiwKICAgICAgICAic3RyZWV0X3R5cGUiOiAiU1RSRUVUIiwKICAgICAgICAic3RyZWV0IjogItCy0YPQuy4g0J3RltC20LjQvdGB0YzQutCwIiwKICAgICAgICAiYnVpbGRpbmciOiAiMTUiLAogICAgICAgICJhcGFydG1lbnQiOiAiMjMiLAogICAgICAgICJ6aXAiOiAiMDIwOTAiCiAgICAgIH0KICAgIF0sCiAgICAicGhvbmVzIjogWwogICAgICB7CiAgICAgICAgInR5cGUiOiAiTU9CSUxFIiwKICAgICAgICAibnVtYmVyIjogIiszODA1MDM0MTA4NzAiCiAgICAgIH0KICAgIF0sCiAgICAiZW1haWwiOiAiZW1haWxAZXhhbXBsZS5jb20iLAogICAgInR5cGUiOiAiY2xpbmljIiwKICAgICJleHRlcm5hbF9pZCI6ICIzMjEzMjEzIiwKICAgICJkbHNfaWQiOiAiMjg3Mjk4NSIsCiAgICAiZGxzX3ZlcmlmaWVkIjogdHJ1ZQogIH0sCiAgInNlZWQiOiAiaGFzaCIKfQ=="
}

Authorize*

  1. Verify the validity of access token

    1. Return 401 in case validation fails

  2. Check scopes in order to perform this action (scope = 'declaration_request:sign')

    1. Return 403 in case invalid scope(s)

Request to process the request using a token in the headers.

Headers*

  • Content-Type:application/json

  • Authorization:Bearer c2778f3064753ea70de870a53795f5c9

Processing*

...

Validate patient’s signature

This validation must be done in different ways depending on context:

  • if request is done by person itself (There is no confidant person in data_to_be_signed data_to_be_signed.person.confidant_person (or is nil)) - we must check that signer DRFO matches with person tax_id or document

  • if request is done by confidant person (There is confidant person in data_to_be_signed data_to_be_signed.person.confidant_person) - we must check that signer DRFO matches with confidant person tax_id or document

Request is done by person

  1. Check that DRFO in Certificate details exists and not empty

  2. Check that DRFO in Certificate details is equal to Person’s tax_id

    1. Get person_id from token

    2. Get Person details using person_id

    3. Compare DRFO in Certificate with person.tax_id

      1. Convert DRFO and TAX_ID to uppercase

      2. Compare DRFO and TAX_ID as Cyrillic letters

      3. Convert DRFO to Cyrillic and compare as Cyrillic letters

    4. In case validation fails - generate 422 error

Request is done by confidant person

  1. Check that DRFO in Certificate details exists and not empty

  2. Check that DRFO in Certificate details is equal to Confidant Person’s tax_id

    1. Get confidant_person from data_to_be_signed.person

    2. Compare DRFO in Certificate with person.tax_id

      1. Convert DRFO and TAX_ID to uppercase

      2. Compare DRFO and TAX_ID as Cyrillic letters

      3. Convert DRFO to Cyrillic and compare as Cyrillic letters

    3. In case validation fails - generate 422 error

Validate doctor’s signature

  1. Check that DRFO in Certificate details (one of) is equal to DRFO in Party

    1. Get party.tax_id using employee_id in

...

    1. declaration payload

    2. Compare DRFO in Certificate with party.tax_id

      1. Convert DRFO and TAX_ID to uppercase

      2. Compare DRFO and TAX_ID as Cyrillic letters

      3. Convert DRFO to Cyrillic and compare as Cyrillic letters

    3. In case validation fails - generate 422 error

Latin to Cyrillic mapping

Code Block
%{"A" => "А", "B" => "В", "C" => "С", "E" => "Е", "H" => "Н", "I" => "І", "K" => "К", "M" => "М", "O" => "О", "P" => "Р", "T" => "Т", "X" => "Х"}

 

Validate request

  1. Validate request using JSON schema (See specification)

    1. In case validation fails - generate 422 error

  2. Check declaration request status

    1. If status is not APPROVED, - returned error 'Incorrect status'

Validate person verification status

  • validate patient's verification_status is not equal to NOT_VERIFIED.

    • in case of error return 409, "Patient is not verified"

Validate Parent declaration

Get parent_declaration_id from IL_DB.declaration_requests.parent_declaration_id.

  • If parent_declaration_id is not null, check that parent declaration exists and in status 'active'

    • In case of error - return 404 ("Active parent declaration was not found")

Check signed content

Check decoded signed content with previously created on IL.db.

Code Block
SELECT data.data_to_be_signed
FROM declaration_requests
WHERE id = {:id}

In case if they are not equal - generate 422 error (message: "Signed content does not match the previously created content")

Check employee

Declaration_request can be signed by any employee with necessery scopes in equal legal_entity_id.

  1. Extract legal_entity_id (client_id) from token

  2. Extract employee_id from request

  3. Check if $.client_id=employees.legal_entity_id 

    1. in case error return 422 

Check patient_signed flag

  • If "patient_signed" is not present in request, return 422 ("required property patient_signed was not present")

  • If "patient_signed"=false in request, return 422 ("Patient must sign declaration form")

  • If “patient_signed”=null, check that parent_declaration_id is not null,

    • in case of error, return 422 ("Patient must sign declaration form")

Validate human readable declaration number

...

  • if exists return 422 - message 'Declaration with the same declaration_number is already exist in DB' 

Processing

Save signed declaration to media storage

  1. Get url for declaration upload.

Use Request a Secret WS

Parameter

Source

action

'GET'

bucket

'DECLARATIONS'

resource_id

:DECLARATION_

...

ID

resource_name

:DECLARATION_NAME

  1. Upload signed declaration to media storage

Update declaration request:

  1. Change entity status in IL_DB.declaration_request to SIGNED

  2. Set status_reason:

    1. If channel = MIS - set status_reason to doctor_signed

    2. If channel = PIS - set status_reason to doctor_approved_over_limit

  3. Set updated_at - now() (Get current date-time)

  4. Set updated_by - user_id (Extract user from token)

Get active declarations

Search for active declarations using MPI ID

  1. If found, - terminate them and create new declaration.

    • If not found - create new declaration.

Terminate declaration

In case active declarations found - terminate all by changing status to INACTIVETERMINATED.
In case parent_declaration_id of declaration request is not null - terminate parent_declaration with reason reason = 'auto_reorganization'.

Create declaration

  1. Check authentication_method_current

    Code Block
    SELECT authentication_method_current
    FROM declaration_requests
    WHERE id = {:id}
    
    1. If "type" = "OFFLINE"

      1.  set declaration status to "PENDING_VERIFICATION"

      2. set reason to 'offline'

    2. if "type" = "OTP" - set declaration status to "ACTIVE" 

    3. if "type" = "NA" - check parent_declaration_id, if not null than set declaration status to "ACTIVE"

  2. Check persons 'no_tax_id' flag

    1. if 'no_tax_id'=

...

    1. true and parent_declaration_id is null

      1. set declaration status to "PENDING_VERIFICATION"

      2. set reason to 'no_tax_id'

    2. if ‘no_tax_id’=true and parent_declaration_id is not null - set declaration status to "ACTIVE"

  1. Create a new declaration by adding a new entity to the declarations table ops_db without declaration_id.

    1. if there is existing record in the declarations table with the same id and declaration_request_id, return ok to IL

...

Response structure*

See on Apiary

...

titleRequest example
Code Block
{
  "meta": {
    "code": 200,
    "url": "https://example.com/resource",
    "type": "object",
    "request_id": "req-adasdoijasdojsda"
  },
  "data": {
    "id": "b075f148-7f93-4fc2-b2ec-2d81b19a9b7b",
    "start_date": "2017-03-02",
    "end_date": "2017-03-02",
    "signed_at": "2017-03-02T00:00:00.000Z",
    "status": "active",
    "declaration_request_id": "74a6fae6-4207-4e03-a136-f2e70c6b0c02",
    "person_id": "5fb57a5d-1457-430e-9678-c81cec72779f",
    "legal_entity_id": "b075f148-7f93-4fc2-b2ec-2d81b19a9b7b",
    "employee_id": "d290f1ee-6c54-4b01-90e6-d701748f0851",
    "division_id": "d290f1ee-6c54-4b01-90e6-d701748f0851",
    "inserted_at": "2017-07-06T16:54:05.161571Z",
    "is_active": true,
    "reason": "manual_employee",
    "reason_description": "Згідно постанови 1 від 10.01.2017"
  }
}

Post-processing processes*

Що має відбутися в ЦБД після опрацювання та відправлення відповіді, тощо

HTTP status codes

...

HTTP status code

...

Message

...

What caused the error

...

 200

...

 

...