Versions Compared

Old Version 2

changes.mady.by.user Anzhela Kovalenko (SoE eHealth)

Saved on

compared with

New Version Current

changes.mady.by.user Anastasiia Prokhorova (SoE eHealth)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
REST API method / Метод REST API (настанова)
Info
Note

Сторінка знаходиться в процесі розробки. Інформація на ній може бути застарілою.

Info

/wiki/spaces/EN/pages/17591304241 (remove the link block before publishing the document)

Table of Contents

Properties of a REST API method document

Page Properties
idpage_properties_method_REST API

Document type

Метод REST API

Document title

[DRAFT] Create division [API-005-006-001-0089]

Guideline ID

GUI-0011

Author

@

Document version

1

Document status

DRAFT

Date of creation

ХХ.ХХ.ХХХХ (дата фінальної версії документа – RC або PROD)

Date of update

ХХ.ХХ.ХХХХ (дата зміни версії)

Method API ID

API-001005-001006-001-00010089

Microservices (namespace)

MPIIL

Component

AuthDivisions

Component ID

COM-001005-001006

Link на API-специфікацію

https://ehealthmisapi1.docs.apiary.io/#reference/public.-medical-service-provider-integration-layer/manage-client-configuration/get-client-detailsdivisions/create-division

Resource

{{host}}//api.ehealth.gov.ua/api/patients/id/encounter_packagedivisions

Scope

division:write

Protocol type

REST

Request type

POST

Sync/Async

Sync

Public/Private

Public

Purpose

Describe the purpose of the API method, add Key points (if necessary)

Logic

Description of the working algorithm of the API method and the interaction of services with each other add Service logic (if necessary)

Configuration parameters

Description of the configuration parameters that are used when processing a request in the system

Dictionaries

Provides a list of links to dictionaries that are available in Confluence

Input parameters

Description of input This method must be used to create new division in the system.

Note that different legal entity types can register specific division types and address types accordingly More details can be found here

Logic

General

Each legal entity can manage its own divisions:

  • add new division

  • view existing divisions and its details

  • edit some information on existing division

  • deactivate division

Only users of this legal entity with specific scopes can manage divisions

Editable information on division:

  • name

  • addresses

  • phones

  • email

  •  add the gps-coordinates attributed to the division

  • working hours

Note: Exclude legal_entity_id from Divisions Request Payload in Public API's. Legal_entity_id must be set by GW using user access token.

Note: Calculate mountain group for each new Divisions based on division address

Acceptance criteria:

  •  Configured Public GET, POST, PATCH methods on GW

  •  Successful response with correct authorization and appropriate scopes

  •  401 error on invalid authorization

  •  403 error on invalid scopes

  •  Legal entity id is missing in request

  •  Legal entity id is set as header by GW

  •  Created divisions saved to DB

  •  Mountain group calculated

Configuration parameters

N/A

Dictionaries

Dictionary ADDRESS_TYPE
Dictionary PHONE_TYPE
Dictionary SETTLEMENT_TYPE
Dictionary STREET_TYPE
Dictionary DIVISION_TYPE
Dictionary COUNTRY

Input parameters

Input parameter

Mandatory

Type

Description

Example

1

composition_id

 M

String ($uuid) (path)

Composition object ID

 89678f60-4cdc-4fe3-ae83-e8b3ebd35c59

2

Request structure

See on API-specification (посилання на сторінку з API-специфікацією)

Description of the REST API request structure, example

...

titleExample

...

Headers

...

Key

...

Value

...

Mandatory

...

Description

...

Example

...

Content-Type

...

application/json

...

M

...

Тип контенту

...

Content-Type:application/json

...

Authorization

...

Bearer c2778f3064753ea70de870a53795f5c9

...

M

...

Перевірка користувача

...

Authorization:Bearer c2778f3064753ea70de870a53795f5c9

...

Request data validation

Describe the process of checking the input data transmitted in the request for compliance with the given rules and restrictions set in the API

Processing

A list of processes related to receiving, changing or transmitting data according to the logic defined in the REST API

Response structure examples

Description of the REST API response structure, example

...

titleExample

...

2

Request structure

See on API-specification

Expand
titleExample
Code Block
languagejson
{
  "name": "Бориспільське відділення Клініки Ноунейм",
  "addresses": [
    {
      "type": "RESIDENCE",
      "country": "UA",
      "area": "Житомирська",
      "region": "Бердичівський",
      "settlement": "Київ",
      "settlement_type": "CITY",
      "settlement_id": "b075f148",
      "street_type": "STREET",
      "street": "вул. Ніжинська",
      "building": "15",
      "apartment": "23",
      "zip": "02090"
    }
  ],
  "phones": [
    {
      "type": "MOBILE",
      "number": "+380503410870"
    }
  ],
  "email": "email@example.com",
  "working_hours": {
    "mon": [
      [
        "08.00",
        "12.00"
      ],
      [
        "14.00",
        "18.00"
      ]
    ],
    "tue": [
      [
        "08.00",
        "12.00"
      ]
    ],
    "wed": [
      [
        "08.00",
        "12.00"
      ]
    ],
    "thu": [
      [
        "08.00",
        "12.00"
      ]
    ],
    "fri": [
      [
        "08.00",
        "12.00"
      ]
    ]
  },
  "type": "CLINIC",
  "legal_entity_id": "c8aadb87-ecb9-41ca-9ad4-ffdfe1dd89c9",
  "external_id": "3213213",
  "location": {
    "latitude": 30.1233,
    "longitude": 50.32423
  }
}Headers

Headers

Headers

Request data validation

Authorize

  1. Verify the validity of access token

  2. Check user scope (scope = 'division:write') in order to perform this action

    • in case error - generate 401 response

  3. If BLOCK_UNVERIFIED_PARTY_USERS is true, then check party's data match following condition: verification_status != NOT_VERIFIED or (verification_status = NOT_VERIFIED and updated_at <= current_date - UNVERIFIED_PARTY_PERIOD_DAYS_ALLOWED):

    • in case not match - return 403 ("Access denied. Party is not verified")

Validate location

Location is required for divisions related to legal entity with type PHARMACY

  1. Check that location exists in request for legal entity with type PHARMACY

    1. In case of error - generate 422 response

Validate addresses

  1. Check that addresses.type exists in dictionaries.

    1. In case error generate 422 "value is not allowed in enum"

  2. Check that addresses.area exists in Uaddresses.areas

    1. in case error generate 422 "invalid area value"

  3. Check that addresses.settlement exists in Uaddresses.settlements

    1. in case error generate 422 "invalid settlement value"

  4. Check that addresses.settlement_type exists in dictionaries.

    1. in case error generate 422 "value is not allowed in enum"

  5. Check that addresses.settlement_id exists in Uaddresses.settlements

    1. in case error generate 422 "settlement with id = <id> does not exist"

  6. Check that addresses.street_type exists in dictionaries.

    1. In case error generate 422 "value is not allowed in enum"

  7. Check that addresses.zip in "^[0-9]{5}$" format.

    1. In case error generate 422 "string does not match pattern \"^[0-9]{5}$\""

  8. Check mapping legal_entity_type, division_type and address_type and its obligation. See validation rules here: Validation rules on Divisions 

    1. in case error generate 422 response

Validate phone

  1. Check that phone type exists in dictionaries. PHONE_TYPE required (MOBILE,LAND_LINE)

    1. in case error generate 422 response

  2. Check phone number is valid according to "^\\+38[0-9]{10}$"

    1. in case error generate 422 response

Validate email

  1. Check that email is valid according to "~r/^[\\w!#$%&'*+\\/=?`{|}~^-]+(?:\\.[\\w!#$%&'*+\\/=?`{|}~^-]+)*@(?:[A-Z0-9-]+\\.)+[A-Z]{2,6}$/i"

    1. in case error generate 422 response

Validate type

  1. Check that type exists in dictionaries. 

    1. in case error generate 422 response

  2. Check mapping of legal_entity_type and division type. See validation rules here: Validation rules on Divisions 

    1. in case error generate 422 response

Processing

Create new division

Parameter

Source

action

`PUT`

id

 

external_id

$.external_id

name

$.name

type

$.type

mountain_group

 

addresses

$.addresses

phones

$.type, $.number

email

$.email

inserted_at

:timestamp

Updated_at

:timestamp

legal_entity_id

take from token

Location

$.latitude, $.longitude

status

ACTIVE

is_active

true

working_hours

$.working_hours

Additional

  1. Add new mapping for  "division_type" &  Legal_entity_type

    1. Check that prm.legal_entities.status = active or suspended and prm.legal_entities.is_active = true for legal entity to which division is added

  2. Add new validation for verification of usage division_type in Legal_entity_type at Create_division process.

  3. There is no other specific logic for new division types.

Response structure examples

See on API-specification

Expand
titleExample
Code Block
languagejson
{
  "meta": {
    "code": 200,
    "url": "https://example.com/resource",
    "type": "object",
    "request_id": "6617aeec-15e2-4d6f-b9bd-53559c358f97#17810"
  },
  "data": {
    "id": "d290f1ee-6c54-4b01-90e6-d701748f0851",
    "name": "Бориспільське відділення Клініки Ноунейм",
    "addresses": [
      {
        "type": "RESIDENCE",
        "country": "UA",
        "area": "Житомирська",
        "region": "Бердичівський",
        "settlement": "Київ",
        "settlement_type": "CITY",
        "settlement_id": "b075f148",
        "street_type": "STREET",
        "street": "вул. Ніжинська",
        "building": "15",
        "apartment": "23",
        "zip": "02090"
      }
    ],
    "phones": [
      {
        "type": "MOBILE",
        "number": "+380503410870"
      }
    ],
    "email": "email@example.com",
    "working_hours": {
      "mon": [
        [
          "08.00",
          "12.00"
        ],
        [
          "14.00",
          "18.00"
        ]
      ],
      "tue": [
        [
          "08.00",
          "12.00"
        ]
      ],
      "wed": [
        [
          "08.00",
          "12.00"
        ]
      ],
      "thu": [
        [
          "08.00",
          "12.00"
        ]
      ],
      "fri": [
        [
          "08.00",
          "12.00"
        ]
      ]
    },
    "type": "CLINIC",
    "legal_entity_id": "c8aadb87-ecb9-41ca-9ad4-ffdfe1dd89c9",
    "external_id": "3213213",
    "location": {
      "latitude": 30.1233,
      "longitude": 50.32423
    },
    "status": "ACTIVE",
    "mountain_group": false,
    "dls_id": "2872985",
    "dls_verified": true
  }
}

HTTP status codes

Response code

HTTP Status code

Message

Internal name

Description

1

Базові

2

1000

404

Composition not found

COMPOSITION_NOT_FOUND_404

Не знайдено медичний висновок

3

401

Unauthorized

Помилка підтвердження

4

Специфічні

5

422

Only for active MPI record can be created medication request!

Post-processing processes

Description of actions performed on data after processing

Technical modules where the method is used

...

200

 Response

 

3

401

 Authorization failed

4

403

 Invalid scopes

5

403

Access denied. Party is not verified

6

422

invalid area value

7

422

invalid settlement value

8

422

settlement with id = <id> does not exist

9

422

string does not match pattern \"^[0-9]{5}$\"

10

422

Validation failed

11

422

value is not allowed in enum

12

Специфічні

13

Post-processing processes

N/A

Technical modules where the method is used

Page Properties Report
headingsID ТМ, Статус
cqllabel = "tr-mis"

...