Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
REST API method / Метод REST API (настанова) (
Info
Note

Сторінка знаходиться в процесі розробки. Інформація на ній може бути застарілою.

Info

/wiki/spaces/EN/pages/17591304241 (remove the link block before publishing the document)

Table of Contents

Properties of a REST API method document

Page Properties
idpage_properties_method_REST API

Document type

Метод REST API

Document title

[Document status] REST API [Назва методу] [ID методу]

Guideline ID

GUI-0011

Author

@

Document version

1

Document status

DRAFT

Date of creation

ХХ.ХХ.ХХХХ (дата фінальної версії документа – RC або PROD)

Date of update

ХХ.ХХ.ХХХХ (дата зміни версії)

Method API ID

API-001007-001006-001-00010267

Microservices (namespace)

MPIME

Component

AuthEpisode

Component ID

COM-001007-001006

Link на API-специфікацію

https://ehealthmisapi1medicaleventsmisapi.docs.apiary.io/#reference/public.-medical-service-provider-integration-layer/manage-client-configuration/get-client-detailsevents/episode-of-care/create-episode

Resource

{{host}}//api.ehealth.gov.ua/api/patients/{{id}}/encounter_packageepisodes

Scope

episode:write

Protocol type

REST

Request type

POST

Sync/Async

Async

Public/Private

Public

Purpose

Describe the purpose of the API method, add Key points (if necessary)

Logic

Description of the working algorithm of the API method and the interaction of services with each other add Service logic (if necessary)This method is used to create an episode of care.

Logic

This method is used to create an episode of care.

Configuration parameters

Description of the configuration parameters that are used when processing a request in the system

Dictionaries

Provides a list of links to dictionaries that are available in Confluence

Input

...

parameters

 89678f60-4cdc-4fe3-ae83-e8b3ebd35c59

Input parameter

Mandatory

Type

Description

Example

1

composition_id

 M

String ($uuid) (path)

Composition object ID

2

Request structure

See on Apiary

See on API-specification (посилання на сторінку з API-специфікацією)Description of the REST API request structure, example

Expand
titleExample
Code Block
{
  "id": "90a9e15b-b71b-4caf-8f2e-ff247e8a5600",
  "type": {
    "system": "eHealth/episode_types",
    "code": "primary_care"
  },
  "status": "active",
  "name": "Діабет 2018",
  "managing_organization": {
    "identifier": {
      "type": {
        "coding": [
          {
            "system": "eHealth/resources",
            "code": "legal_entity"
          }
        ]
      },
      "value": "9183a36b-4d45-4244-9339-63d81cd08d9c"
    }
  },
  "period": {
    "start": "2018-08-02T10:45:16.000Z"
  },
  "care_manager": {
    "identifier": {
      "type": {
        "coding": [
          {
            "system": "eHealth/resources",
            "code": "employee"
          }
        ]
      },
      "value": "9183a36b-4d45-4244-9339-63d81cd08d9c"
    }
  }
}

Headers

Key

Value

Mandatory

Description

Example

1

Content-Type

application/json

M

Тип контенту

Content-Type:application/json

2

Authorization

Bearer c2778f3064753ea70de870a53795f5c9

M

Перевірка користувача{{access_token}}

Authorization:Bearer c2778f3064753ea70de870a53795f5c9{{access_token}}

3

API-key

{{secret}}

API-key:{{secret}}

Request data validation

Describe the process of checking the input data transmitted in the request for compliance with the given rules and restrictions set in the API

Processing

A list of processes related to receiving, changing or transmitting data according to the logic defined in the REST API

Response structure examples

Description of the REST API response structure, example

...

titleExample

...

Authorize

  • Verify the validity of access token

    • return 401 (“Invalid access token”) in case validation fails

  • Verify token is not expired

    • in case of error - return 401 (“Invalid access token”)

  • Check user scopes in order to perform this action (scope = 'episode:write')

    • Return 403 in case invalid scope(s)

  • If BLOCK_UNVERIFIED_PARTY_USERS is true, then check user's party data match following condition: verification_status != NOT_VERIFIED or (verification_status = NOT_VERIFIED and updated_at <= current_date - UNVERIFIED_PARTY_PERIOD_DAYS_ALLOWED):

    • in case not match - return 403 ("Access denied. Party is not verified")

Request data validation

  1. Validate patient status

    1. Medical_data status for this patient must be in "active" status

      1. in case of error return 409 - "Patient is not active"

  2. Validate episode id is unique

    1. $.id is unique 

      1.  in case of error return 422 - "Episode with such id already exists"

  3. Validate that episode number is unique 

    1. $.number is unique 

      1. in case of error return 409 - "Episode with such number already exists. Episode number must be unique"

  4. Validate request according to JSON Schema LINK

    1. in case of error return 422

  5. Validate type

    1. according to legal entity type: Medical Events Dictionaries and configurations#legal_entity_episode_types

      1. in case of error return 409 "Episode type <type> is forbidden for your legal entity type"

    2. according to employee type: Medical Events Dictionaries and configurations#employee_episode_types

      1. in case of error return 409 "Episode type <type> is forbidden for your employee type"

  6. Validate status= "active" - resolved by JSON schema

  7. Validate managing_organization

    1. Only one item is allowed in coding array

      1. in case of error return 422 "Only one item is allowed in "coding" array " 

    2. $.managing_organization.identifier.type.coding.[0].code = "legal_entity"

      1. in case of error return 422 "Only legal_entity could be submitted as a managing_organization"

    3. $.managing_organization.identifier.value = token.client_id

      1. in case of error return 422 "Managing_organization does not correspond to user`s legal_entity"

    4. $.managing_organization.identifier.type.coding.[0].system = "eHealth/resources"

      1. in case of error return 422 "Submitted system is not allowed for this field"

  8. Validate period

    1. $.period.start <= current_date

      1. in case of error return 422 - "Start date of episode must be in past"

    2. $.period.end is absent

      1. in case of error return 422 - "End date of episode could not be submitted on creation"

  9. Validate care_manager

    1. $.care_manager.identifier.type.coding.[0].code = "employee"

      1. in case of error return 422 "Only employee could be submitted as a care_manager"

    2. $.care_manager.identifier.type.coding.[0].system = "eHealth/resources"

      1. in case of error return 422 "Submitted system is not allowed for this field"

    3. PRM.employee.type = value from list of employee_types in configuration:
      ALLOWED_EPISODE_CARE_MANAGER_EMPLOYEE_TYPES

      1. in case of error return 409 "Employee submitted as a care_manager is not in the list of allowed employee types" 

      2. PRM.employee.status= "active"

        1. in case of error return 409 "Employee submitted as a care_manager is not active"

      3. PRM.employee.legal_entity = token.client_id

        1. in case of error return 409 "User can create an episode only for the doctor that works for the same legal_entity"

    4. $.care_manager.identifier.value belongs to one of the user’s employee

      1. in case of error return 422 "Employee is not care manager of episode"

Error example:

{:error, [{%{

        description: "Episode with such id already exists",

        params: [],

        rule: :invalid

      }, "$.id"}]}

Processing

  1. Set episodes.care_manager.display_value = ((PRM.parties.first_name + PRM.parties.second_name  + PRM.parties.last_name) where PRM.parties.id == PRM.employees.party_id) where PRM.employees.id== $.care_manager.identifier.value

  2. Set episodes.managing_organization.display_value = PRM.legal_entities.public_name where ( PRM.legal_entities.id == $.managing_organization.identifier.value) 

  3. Create a record in status_hstr

Response structure examples

See on Apiary

See on API-specification

Expand
titleResponse Example
Code Block
{
  "data": {
    "status": "pending",
    "eta": "2018-08-02T10:45:16.000Z",
    "links": [
      {
        "entity": "job",
        "href": "/Jobs/NBXk9EyErUZv1RhXgyvgg"
      }
    ]
  },
  "meta": {
    "code": 202,
    "url": "http://example.com/resource",
    "type": "object",
    "request_id": "req-adasdoijasdojsda"
  }
}
Expand
titleResponse Example
Code Block
{
  "meta": {
    "code": 404,
    "url": "http://example.com/resource",
    "type": "object",
    "request_id": "req-adasdoijasdojsda"
  },
  "error": {
    "type": "NOT_FOUND",
    "message": "Patient not found"
  }
}

HTTP status codes

Response code

HTTP Status code

Message

Internal name

Description

1

Базові

2

1000

404

Composition not found

COMPOSITION_NOT_FOUND_404

Не знайдено медичний висновок

3

401

Unauthorized

Помилка підтвердження

4

Специфічні

5

422

Only for active MPI record can be created medication request!202

 Response

 

3

401

 

Access token validation failed

4

401

Invalid access token

5

403

Access denied. Party is not verified

6

403

 

Invalid scope

7

 404

 Patient not found

 

8

409

Episode type <type> is forbidden for your legal entity type

9

409

Employee submitted as a care_manager is not in the list of allowed employee types

10

409

Employee submitted as a care_manager is not active

11

409

Patient is not active

12

409

 

Validation failed

13

409

User can create an episode only for the doctor that works for the same legal_entity

14

422

Episode with such id already exists

15

422

Employee is not care manager of episode

16

422

End date of episode could not be submitted on creation

17

422

Managing_organization does not correspond to user`s legal_entity

18

422

Only one item is allowed in "coding" array

19

422

Only legal_entity could be submitted as a managing_organization

20

422

Only employee could be submitted as a care_manager

21

422

 

Validation failed

22

422

Submitted system is not allowed for this field

23

422

Submitted system is not allowed for this field

24

422

Start date of episode must be in past

25

Специфічні

26

Post-processing processes

Description of actions performed on data after processing

Technical modules where the method is used

List of pages describing technical modules where the method is used

Page Properties Report
headingsID ТМ, Статус
cqllabel = "tr-mis"

...