Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Table of Contents
minLevel1
maxLevel3

Required parameters are marked with "*"

...

Purpose

...

This method must be used to recall existing Service Request.

Specification

...

Page Properties

Link

https://ehealthmedicaleventsapimedicaleventsmisapi.docs.apiary.io/#reference/service-requests/manage-service-requests-in-patient-context/recall-service-request

Resource

/api/patients/{{id}}/service_requests/{{id}}/actions/recall

Scope

service_request:recall

Components

Зазначається перелік бізнес компонентів, які використовують цей метод, наприклад: ePrescriptionService request

Microservices

API paragraph not found

Protocol type

REST

Request type

PATCH

Sync/Async

Async

Public/Private/Internal

...

Public

Logic

Відміна направлення (Recalled)

This method must be used to recall existing Service Request. Method receives signed message (pkcs7) that consists of signed content, digital signature and signer public key. All signature fields will be validated (including signer certificate authority)

Important

  1. Signed content of service request must be equal to service request stored in DB. See Get Service Request details

  2. status_reason and explanatory_letter (optional) must be added to signed content

Please see Service request (Referral) state model and Dummy Recall Service Request for more details

Request structure

...

See on Apiary

Example:

Expand
titleRequest example
Code Block
{
  "signed_data": "ew0KICAicGVyaW9kIjogew0KIC..."
}

Authorize

...

  • Verify the validity of access token

    • Return (401, 'unauthorized') in case of validation fails

  • Verify that token is not expired

    • in case of error - return (401, 'unauthorized')

  • Check user scopes in order to perform this action (scope = 'service_request:write')

    1. Return (403, 'invalid scopes') in case of invalid scope(s)

  • If BLOCK_UNVERIFIED_PARTY_USERS is true, then check party's data match following condition: verification_status != NOT_VERIFIED or (verification_status = NOT_VERIFIED and updated_at > current_date - UNVERIFIED_PARTY_PERIOD_DAYS_ALLOWED):

    • in case not match - return 403 ("Access denied. Party is not verified")

  • If BLOCK_DECEASED_PARTY_USERS is true, check that party is not deceased (party_verification record does not equal to: dracs_death_verification_status = VERIFIED and dracs_death_verification_reason = MANUAL_CONFIRMED):

    • in case of error - return 403 ("Access denied. Party is deceased")

Request to process the request using a token in the headers

Headers

...

Наприклад:

  • Content-Type:application/json

  • Authorization:Bearer mF_9.B5f-4.1JqM: {{access_token}}

  • api-key: aFBLVTZ6Z2dON1V{{secret}}

Request data validation

...

Validate legal entity

  • Check legal entity type: it has to be in me_allowed_transactions_le_types config parameter, has status = active and nhs_verified = true

    • in case of error return 409 "Action is not allowed for the legal entity"

...

Decode content that is encrypted in an electronic digital signature.
Use Digital signature WS. Method checks digital signature and returns result.
See service specification

  1. Ensure that digital signature is valid

  2. Validate that requester of service request is a current user

2.1. Get token metadata

  • Extract user_idclient_idclient_type

...

2.4 Ensure that $.requester.identifier.value matches with user employees

  1. Validate that DS belongs to the requester of encounter

  2. Check if service request based on Care plan if not match:

    1. Determine at least one of the user employees has an active approval on write this Care plan 

      1. in case of error - return 409 ('Employees related to this party_id not in current MSP')

3.1. Determine the party_id associated with requester ($.requester.identifier.value)

...

Covered by DS validation (see Validate digital signature p.2)

Validate user

Recalling a Service Request is allowed for user if he has one of the following active and approved employee that:

  • is an Employee from legal entity where Service Request is created

    • in case of error - return 409 ("Only an employee from legal entity where service request is created can recall service request")

Validate transition

Only active service request can be recalled

  1. Get current service request status

    1. Check that status in ('active')

      1. in case of error - return 409 error ('Service request in status %status% cannot be recalled')

Validate

...

recall reason

  1. Validate $.status_reason is a value from eHealth/service_request_recall_reasons dictionary

    1. in case of error - return 422 ("value is not allowed in enum")

Validate content

Signed content must match with service request in DB in order to be recalled

  1. Render service request from DB

  2. Exclude $.status_reason and $.explanatory_letter from signed content

  3. Compare rendered service request and signed content

    1. In case both object doesn't match - return 422 ('Signed content doesn't match with previously created service request')

Processing

...

Service logic

  1. Save signed content to media storage

  2. Update service request status to Recalled (update also updated_at, updated_by)

  3. Write record to status history

  4. Send SMS to patient (if authentication_method_current == SMS, do NOT send sms in case performer is present in SR)

  5. Send SMS to patient (if authentication_method_current == SMS)

    1. Template - TBD

  6. Async! Revoke all approvals made by this service request

  7. if the service request is based on activity with quantity:

    1. Recalculate and set remaining_quantity for the activity as described at PreQualify Service Request | Validate service request

Response structure

...

See on Apiary

Example:

Expand
titleResponse example
Code Block
{
  "data": {
    "status": "pending",
    "eta": "2018-08-02T10:45:16.000Z",
    "links": [
      {
        "entity": "job",
        "href": "/Jobs/NBXk9EyErUZv1RhXgyvgg"
      }
    ]
  },
  "meta": {
    "code": 202,
    "url": "http://example.com/resource",
    "type": "object",
    "request_id": "req-adasdoijasdojsda"
  }
}

Post-processing processes

...

API paragraph not found

HTTP status codes

...

Page Properties

HTTP status code

Message

What caused the error

 202

 

 

...