Info |
---|
Note |
Сторінка знаходиться в процесі розробки. Інформація на ній може бути застарілою. |
Info |
---|
/wiki/spaces/EN/pages/17591304241 (remove the link block before publishing the document) |
Table of Contents |
---|
Properties of a REST API method document
Page Properties | ||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||||||||||||||||||||||||||||||
|
Purpose
Describe the purpose of the API method, add Key points (if necessary)This WS is used to create Declaration Request (as part of Declaration creation process) via new api.
Створення декларації (версія 3)
Key points
This method method allows to create a declaration only for an existing person.
To create declaration request based on active declaration in reorganized legal entity,
parent_declaration_id
must be passed in request.
Logic
Description of the working algorithm of the API method and the interaction of services with each other add Service logic (if necessary)
Configuration parameters
Description of the configuration parameters that are used when processing a request in the system
Dictionaries
Provides a list of links to dictionaries that are available in Confluence
Input
...
parameters
Input parameter | Mandatory | Type | Description | Example | ||||||
---|---|---|---|---|---|---|---|---|---|---|
1 | composition_id | M | String ($uuid) (path) | Composition object ID | 89678f60-4cdc-4fe3-ae83-e8b3ebd35c59||||||
2 |
Request structure
See on API-specification (посилання на сторінку з API-специфікацією)Description of the REST API request structure, example
Expand | ||
---|---|---|
| ||
|
Headers
Key | Value | Mandatory | Description | Example | |
---|---|---|---|---|---|
1 | Content-Type | application/json | M | Тип контенту | Content-Type:application/json |
2 | Authorization | Bearer c2778f3064753ea70de870a53795f5c9 | M | Перевірка користувача | Authorization:Bearer c2778f3064753ea70de870a53795f5c9 | 3 |
Request data validation
Describe the process of checking the input data transmitted in the request for compliance with the given rules and restrictions set in the API
Processing
A list of processes related to receiving, changing or transmitting data according to the logic defined in the REST API
Response structure examples
...
2 | |||||
3 |
Request data validation
Authorize
Verify the validity of access token
in case error - return 401
Check users scopes ('declaration_request:write') to perform this action
in case error return 403 - forbidden
If BLOCK_UNVERIFIED_PARTY_USERS is true, then check party's data match following condition: verification_status != NOT_VERIFIED or (verification_status = NOT_VERIFIED and updated_at > current_date - UNVERIFIED_PARTY_PERIOD_DAYS_ALLOWED):
in case not match - return 403 ("Access denied. Party is not verified")
If BLOCK_DECEASED_PARTY_USERS is true, check that party is not deceased (party_verification record does not equal to: dracs_death_verification_status = VERIFIED and dracs_death_verification_reason = MANUAL_CONFIRMED):
in case of error - return 403 ("Access denied. Party is deceased")
Validate request using JSON schema
Expand | ||
---|---|---|
|
Validate Legal Entity Type
Validate legal entity from token: legal_entities.type should be in DECLARATION_REQUEST_LEGAL_ENTITY_TYPES("MSP,PRIMARY_CARE,MSP_PHARMACY") and legal_entities.status =='active'
Validate doctor
...
Get employee details
Invoke Get employee details
Validate Response $.data.employee_type == DOCTOR
Take the doctor_id and the division_id from the token
Validate person
validate person_id UUID
in case error return 422
search person by person_id in MPI
in case error return 404, "Such person doesn't exist"
validate person.auth_method != NA
in case error return 422, "Person must have authentication method"
validate person.status = ‘active’ and is_active =true
in case error return 404, "Such person doesn't exist"
Validate person verification status
validate patient's verification_status is not equal to NOT_VERIFIED.
in case of error return 409, "Patient is not verified"
Validate authorize_with
The person can pass the id of his auth_method which he wants to confirm the create declaration request. The necessary auth method can be found by making Get person's auth methods
validate auth_method.id is UUID
in case error return 422
search auth method in MPI.person_authentication_method
in case error return 422, "such authentication method doesn't exist"
search auth method of this person where MPI.person_authentication_method.person_id = $.person.id
in case error return 422, "such authentication method does not belong to this person"
validate that auth_method.type != NA
in case error return 422, "Сannot be confirmed by a method with type= NA. Use a different method."
validate that this method is active ( authentication_method.ended_at > now() and is_active = true)
This field is optional and set in il.declaration_reques.authentication_method_current.
If person request doesn't have this field, then choose that method which is returned from mpi as person's default method
Validate parent declaration
check that parent declaration exists and in status ‘active’
in case of error - return 404 (‘Active parent declaration was not found’)
check that the parent declaration belongs to a person (person_id of parent declaration and person_id from request are the same)
in case of error - return 409 (‘Parent declaration does not belong to this person’)
check that the legal entity of parent declaration and the current legal entity are in reorganization process with types ACCESSION, MERGING, DIVIDING, SEPARATING (request: select * from related_legal_entities where is_active=true and merged_from_id=parent_declaration_id.legal_entity_id and merged_to_id=employee_id.legal_entity_id and type in (‘ACCESSION’, ‘MERGING’, ‘DIVIDING’, ‘SEPARATING’); returns at least one record)
in case of error - return 409 (‘Legal entities of parent declaration and current are not in reorganization process’)
check that party_id of employee from parent declaration and party_id of current employee are the same
in case of error - return 409 (‘Employee of parent declaration and current employee are not the same’)
This field is optional and set in il.declaration_reques.parent_declaration_id.
If parent_declaration_id is passed in request, authorize_with validation and processing must be skipped, created declaration request will be processed without patients involvement.
Get global parameters
Invoke Global parameters to get following parameters:
ADULT_AGE
DECLARATION_TERM
no_self_auth_ag
Calculate patient age
Calculate patient age
|
Check that doctor speciality meets the patient age requirements
Get doctor's speciality_officio (speciality object where speciality_officio == true)
Check age requirements according to global parameters
Speciality officio | Age |
---|---|
FAMILY DOCTOR | All ages |
THERAPIST | Greater or equal to $.data.adult_age |
PEDIATRICIAN | Less than $.data.adult_age |
Validate confidant person
If person age < prm.global_parameters.no_self_auth_age check existence of confidant_person
in case error return 422 - msg "Confidant person is mandatory for children"
Processing
Search pending declaration requests
Search declarations in IL_DB.declaration_requests to prevent requests duplication:
where IL.Declaration_request.mpi_id = :($.person.id) and status in ('NEW' or 'APPROVED)
Cancel declaration requests
Change status and status reason of all found declaration requests:
status: CANCELED
status_reason: request_cancelled
|
Calculate declaration end/start date
Declaration
Start date:
|
End date:
|
Save declaration request
Insert record to IL.declaration_request:
status 'NEW'
is_shareable: false
Generate upload URL
If auth_method_requests.auth_method_current = OFFLINE
URL for person.documents
Depending on the payload system generates list of signed urls for document scan-copies upload.
Signed URLs to be expired after some period of time (configurable `SECRETS_TTL`, розташування на Gitlab: (ael.api/docs/Centrul Național de Mediu )). If it has been expired - new declaration request should be created.
Each link is generated for one one-page document in jpeg format. Document should be no more than 10MB.
Set auth_method_current
Get parent_declaration_id from il.declaration_requests.parent_declaration_id.
If parent_declaration_id is null, set default auth method of person on IL.auth_method_request.auth_method_current - use function in mpi, that return default auth method.
If auth_method_current = NA - return Error "person authentication method is undefined"
.
If parent_declaration_id is not null, set auth_method_current = NA (request is processed without patients involvement).
Generate verification code
If auth_method_requests.auth_method_current = OTP
Invoke Initialize OTP to generate one time password and send it where auth_method_requests.auth_method_current = OTP.
cURL example
|
Generate human readable declaration number
Use algorithm to generate declaration_number
Declaration number should consist of a 4 serial symbols and 8 number symbols and looks like XXXX-12H4-245D
Add field to ops.declarations and il.declaration_requests - declaration_number
Add declaration_number to print out form
Validate uniqueness of human readable declaration number
generate declaration_number
Search declaration_number in declaration_requests.declaration_number
if exists = go to 'generate declaration_number'
else save declaration_number to declaration_request
Response structure examples
See on API-specification
Expand | ||
---|---|---|
| ||
|
HTTP status codes
Response code | HTTP Status code | Message | Internal name | Description | |||||||
---|---|---|---|---|---|---|---|---|---|---|---|
1 | Базові | ||||||||||
2 | 1000 | 404 | Composition not found | COMPOSITION_NOT_FOUND_404 | Не знайдено медичний висновок | 3 | 201 | Response |
| ||
3 | 401 |
| Access token validation failed | ||||||||
4 | 403 | Access denied. Party is not verified | |||||||||
5 | 403 | Access denied. Party is deceased | |||||||||
6 | 403 |
| Invalid scopes | ||||||||
7 | 403 | forbidden | |||||||||
8 | 404 | Active parent declaration was not found | |||||||||
9 | 404 |
| Validation error | ||||||||
10 | 404 | Such person doesn't exist | |||||||||
11 | 409 |
| Validation error | ||||||||
12 | 409 | Employee of parent declaration and current employee are not the same | |||||||||
13 | 409 | Legal entities of parent declaration and current are not in reorganization process | |||||||||
14 | 409 | Parent declaration does not belong to this person | |||||||||
15 | 422 |
| Validation error | ||||||||
16 | 401 | Unauthorized | Помилка підтвердження | 4||||||||
17 | 409 | Patient is not verified | |||||||||
18 | 422 | Сannot be confirmed by a method with type= NA. Use a different method. | |||||||||
19 | 422 | Person must have authentication method | |||||||||
20 | 422 | such authentication method doesn't exist | |||||||||
21 | 422 | such authentication method does not belong to this person | |||||||||
22 | Специфічні | ||||||||||
523 | 422 | Only for active MPI record can be created medication request! |
Post-processing processes
Description of actions performed on data after processing
Technical modules where the method is used
List of pages describing technical modules where the method is used
Page Properties Report | ||||
---|---|---|---|---|
|
...