Versions Compared

Old Version 2

changes.mady.by.user Anzhela Kovalenko (SoE eHealth)

Saved on

compared with

New Version Current

changes.mady.by.user Anastasiia Prokhorova (SoE eHealth)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
REST API method / Метод REST API (настанова) (
Info
Note

Сторінка знаходиться в процесі розробки. Інформація на ній може бути застарілою.

Info

/wiki/spaces/EN/pages/17591304241 (remove the link block before publishing the document)

Table of Contents

Properties of a REST API method document

Page Properties
idpage_properties_method_REST API
Request type

Document type

Метод REST API

Document title

[Document status] REST API [Назва методу] [ID методу]

Guideline ID

GUI-0011

Author

@

Document version

1

Document status

DRAFT

Date of creation

ХХ.ХХ.ХХХХ (дата фінальної версії документа – RC або PROD)

Date of update

ХХ.ХХ.ХХХХ (дата зміни версії)

Method API ID

API-001005-001004-001002-00010075

Microservices (namespace)

MPIIL

Component

AuthDeclarations

Component ID

COM-001005-001004

Link на API-специфікацію

https://ehealthmisapi1.docs.apiary.io/#reference/public.-medical-service-provider-integration-layer/managedeclaration-client-configuration/get-client-detailsrequests/approve-declaration-request-v3

Resource

{{host}}//api.ehealth.gov.ua/api/patients/id/encounter_package

Scope

Protocol type

/v3/declaration_requests/{{id}}/actions/approve

Scope

declaration_request:approve

Protocol type

REST

Request type

PATCH

Sync/Async

Sync

Public/Private

Public

Purpose

Describe the purpose of the API method, add Key points (if necessary)Use this method to approve previously created Declaration Request.

Key points

  1. In case if persons current authentication method is OTP, request body must contain verification_code field with OTP.

  2. For any other authentication method, request body must be empty, but additional documents upload is needed for OFFLINE authentication method.

Logic

Description of the working algorithm of the API method and the interaction of services with each other add Service logic (if necessary)

Configuration parameters

Description of the configuration parameters that are used when processing a request in the system

Dictionaries

Provides a list of links to dictionaries that are available in Confluence

Input parameters

Description of input parameters

Input parameter

Mandatory

Type

Description

Example

1

composition_id

 M

String ($uuid) (path)

Composition object ID

 89678f60-4cdc-4fe3-ae83-e8b3ebd35c59

2

Request structure

See on API-specification (посилання на сторінку з API-специфікацією)Description of the REST API request structure, example

Expand
titleExample
Code Block
Headers
Key
Value
Mandatory
Description
Example
1
Content-Type
application/json
M
Тип контенту
Content-Type:application/json
2
Authorization
Bearer c2778f3064753ea70de870a53795f5c9
M
Перевірка користувача
Authorization:Bearer c2778f3064753ea70de870a53795f5c9
3
Request data validation
Describe the process of checking the input data transmitted in the request for compliance with the given rules and restrictions set in the API
Processing
A list of processes related to receiving, changing or transmitting data according to the logic defined in the REST API
Response structure examples
...
2
3
Request data validation
Authorize user
  1. Verify the validity of access token
  2. Check user scopes declaration_request:write in order to perform this action
    1. In case error - generate 401 response
Validate request
  1. Validate request using JSON schema
    1. In case validation failed - generate 422 error
JSON Schema 
 Expand
 Code Block
{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "type": "object",
  "properties": {
    "verification_code": {
      "type": "string"
    }
  },
  "required": [
    "verification_code"
  ],
  "additionalProperties": false
}
Validate person verification status
  • validate patient's verification_status is not equal to NOT_VERIFIED.
    • in case of error return 409, "Patient is not verified"
Get declaration request details
Get declaration request from IL_DB.declaration_request
Determine authorization method
Get authorization_method from IL_DB.declaration_request
 Code Block
SELECT IL_DB.declaration_request.authentication_method
FROM   IL_DB.declaration_request
WHERE IL_DB.declaration_request.id = :id

If authentication_method_current is NULL - return Error
If authentication_method_current == OFFLINE - check uploaded document
If authentication_method_current = OTP - verify SMS code
If authentication_method_current = NA - verify Parent declaration
Verify code
Invoke verification module to verify OTP
OTP Verification
Check uploaded documents
Invoke Media Content Storage to check documents exist
Verify Parent declaration
Get parent_declaration_id from IL_DB.declaration_requests.parent_declaration_id:
  • If parent_declaration_id is null, validate declaration request with current authentication_method_current = NA logic
  • If parent_declaration_id is not null, check that parent declaration exists and in status 'active'
    • In case of error - return 404 (‘Active parent declaration was not found’)
Processing
Generate printout form
Prepare data for declaration request printout form
  1. Call MAN service to render printout form
  2. Get template id from config (DECLARATION_REQUEST_PRINTOUT_FORM_TEMPLATE_ID)
  3. Prepare printout content based on declaration request data
  4. Render printout form and save to declaration request
 
Set IL.declaration_request.printout_content:
 Expand
 Code Block
MANResponse.$.data
Change patient_signed and process_disclosure_data_consent values
If parent_declaration_id is not null and authentication_method_current = NA, update following fields values at data_to_be_signed field:
  • patient_signed = null
  • process_disclosure_data_consent = null
Generate hash ‘seed’
Generate hash seed - Hash of previous block in declarations chain or other random component that should be signed with declaration
Change declaration request
  1. Change entity status in IL_DB.declaration_request to APPROVED
  2. Set status_reason to doctor_confirmed
  3. Set is_shareable to true
  4. Set updated_at - now() (Get current date-time)
  5. Set updated_by - user_id (Extract user from token)
Response structure examples
See on API-specification 
 Expand
titleExample
 Code Block
HTTP status codes
Only for active MPI record can be created medication request!
Response code
HTTP Status code
Message
Internal name
Description
1
Базові
2
1000201
404
Composition not found
COMPOSITION_NOT_FOUND_404
Не знайдено медичний висновок Response
 
3
401
Unauthorized 
Помилка підтвердженняInvalid scopes
4
Специфічні
5
422
404
Active parent declaration was not found
5
409
Patient is not verified
 
6
422
This doctor has X declarations and could not sign more
7
Специфічні
8
Post-processing processes
Description of actions performed on data after processing
Technical modules where the method is used
List of pages describing technical modules where the method is used
 Page Properties Report
headingsID ТМ, Статус
cqllabel = "tr-mis"
...