...
The request is processed using a token passed in the headers
Headers
For example:
Content-Type:application/json
Authorization:Bearer mF_9.B5f-4.1JqM
api-key:aFBLVTZ6Z2dON1V
...
Get token metadata
Extract user_id, client_id, client_type
Ensure that employee belongs to client
$.used_by_employee.identifier.type.coding[*].system == "eHealth/resources"
$.used_by_employee.identifier.type.coding[*].code == "employee"
$.used_by_employee.identifier.value must belong to client_id (prm.employees.legal_entity_id == :client_id)
in case of error return 422 "You can assign service request only to employee within your legal entity"
Check employee_type:
in the $.used_by_employee field, validate that employee_type is DOCTOR, SPECIALIST, ASSISTANT or LABORANT:
if service_request.category="laboratory_procedure", "diagnostic_procedure" OR "procedure" check employee_type == DOCTOR, SPECIALIST, ASSISTANT OR LABORANT
else employee_type == DOCTOR OR SPECIALIST
in case of error, return 422 "Invalid employee type"
Validate that used_by_legal_entity is the current legal_entity
$.used_by_legal_entity.identifier.value==token.client_id
in case of error return 409 "You can assign service request only to your legal entity"
Validate used_by_division
if SR.category = hospitalization
validate used_by_division is sent, in case of error return 422, "Division is mandatory for $category category"
validate used_by_division.legal_entity_id = used_by_legal_entity_id
if SR.category = transfer_of_care
validate used_by_division is sent, in case of error return 422, "Division is mandatory for $category category"
validate $division.legal_entity_id = SR.Performer, in case of error return 422, "Patient is transferred to another legal entity"
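The checks above, in the order listed, as an added Python example (not the project's own code). Assumptions: plain dicts stand in for prm.employees and the division store, `sr["performer"]` holds a legal entity id, and the hospitalization division mismatch returns 422 with a placeholder message because the page gives none. The coding system/code checks on used_by_employee are left out.

```python
# Added example; dicts stand in for prm.employees and the division store (assumed shapes).
WIDE_CATEGORIES = {"laboratory_procedure", "diagnostic_procedure", "procedure"}
WIDE_TYPES = {"DOCTOR", "SPECIALIST", "ASSISTANT", "LABORANT"}
NARROW_TYPES = {"DOCTOR", "SPECIALIST"}

# Constructed sample data.
EMPLOYEES = {"emp-1": {"legal_entity_id": "le-1", "employee_type": "ASSISTANT"},
             "emp-2": {"legal_entity_id": "le-1", "employee_type": "DOCTOR"}}
DIVISIONS = {"div-1": {"legal_entity_id": "le-1"}}
TOKEN = {"user_id": "u-1", "client_id": "le-1", "client_type": "MSP"}


def ref_value(body, field):
    """Return body[field].identifier.value, or None if the reference is absent."""
    return ((body.get(field) or {}).get("identifier") or {}).get("value")


def validate_use(token, sr, body, employees, divisions):
    """Return None if the request passes, else (http_status, message)."""
    client_id, category = token["client_id"], sr["category"]

    employee = employees.get(ref_value(body, "used_by_employee"))
    if employee is None or employee["legal_entity_id"] != client_id:
        return 422, "You can assign service request only to employee within your legal entity"

    allowed = WIDE_TYPES if category in WIDE_CATEGORIES else NARROW_TYPES
    if employee["employee_type"] not in allowed:
        return 422, "Invalid employee type"

    legal_entity_id = ref_value(body, "used_by_legal_entity")
    if legal_entity_id != client_id:
        return 409, "You can assign service request only to your legal entity"

    if category in ("hospitalization", "transfer_of_care"):
        div_id = ref_value(body, "used_by_division")
        if div_id is None:
            return 422, f"Division is mandatory for {category} category"
        # An unknown division id yields owner None, so the comparisons below fail closed.
        owner = divisions.get(div_id, {}).get("legal_entity_id")
        if category == "hospitalization" and owner != legal_entity_id:
            # Status and message are assumptions: the page states neither for this check.
            return 422, "<division does not belong to used_by_legal_entity>"
        if category == "transfer_of_care" and owner != sr["performer"]:
            return 422, "Patient is transferred to another legal entity"
    return None
```

The tenant-scoping comparisons use `token.client_id` rather than any identifier from the request body, so a caller cannot widen its own scope by editing the payload.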
...