...
Returns the list of care plans for the specified patient, filtered by the submitted parameters.
Input parameters
Input parameter | Values | Type | Description | Example |
---|---|---|---|---|
patient_id | | String | MPI identifier of the patient | |
Filters
Filter | Values | Type | Description | Example |
---|---|---|---|---|
period_date | | Date | Date within the Care plan's period, including start and end dates | |
encounter_id | | String | Identifier of the encounter in the Care plan | |
based_on | | String | Identifier of the Care plan on which the returned Care plans are based | |
part_of | | String | Identifier of the parent Care plan that includes the returned Care plans | |
status | | String | Care plan's status | |
page | | Number | Page number | |
page_size | | Number | A limit on the number of objects to be returned, between 1 and 100. Default: 50 | |
Dictionaries
PROVIDING_CONDITION
Request structure
Authorize
Verify the validity of the access token
Return (401, 'unauthorized') if validation fails
Verify that the token is not expired
Return (401, 'unauthorized') in case of error
Check user scopes in order to perform this action (scope = 'care_plan:read')
Return (403, 'invalid scopes') in case of invalid scope(s)
Process the request using the token passed in the headers
Headers
For example:
Content-Type:application/json
Authorization:Bearer {{access_token}}
API-key:{{mis_client_secret}}
Request data validation
Validate Patient
Get Patient identifier from the URL
Check it exists in DB
Return 404 ('not found') in case of error
Validate Care plan
...
Access to the resource is also managed by ABAC rules (EN)
Validate Patient
Get Patient identifier from the URL
Check it exists in DB
Return 404 ('not found') in case of error
...
Validate User
...
Extract user_id from token.
Check that the user has an active and approved employee from the legal entity (from the token) for which one of the following conditions is TRUE:
...
has an active Approval granted by the Patient to write or read the Care plan resource (care plan id from URL)
Return 403 ('Access denied') if the employee has no Approval to read or write
...
has an active declaration with the patient
Return 403 ('Access denied') if there is no active declaration with the patient and none of the other conditions is true
user belongs to the legal entity where the care_plans were created
...
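The checks above as a single decision function, added here as an example (it is not the service's own code). The token and store shapes, all field names and the 200 result are assumptions, the Approval is keyed by patient as a simplification, and only the conditions visible on this page are modelled.

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone

REQUIRED_SCOPE = "care_plan:read"  # scope named on the page

@dataclass
class Token:  # hypothetical shape of a decoded access token
    valid: bool
    expires_at: datetime
    scopes: frozenset
    user_id: str
    legal_entity_id: str

@dataclass
class Store:  # hypothetical in-memory stand-in for the service's DB lookups
    patients: set = field(default_factory=set)
    employees: dict = field(default_factory=dict)      # (user_id, legal_entity_id) -> active, approved employee ids
    approvals: set = field(default_factory=set)        # active (employee_id, patient_id)
    declarations: set = field(default_factory=set)     # active (employee_id, patient_id)
    plan_entities: dict = field(default_factory=dict)  # patient_id -> legal entities that created care plans

def check_access(token, patient_id, db, now):
    """Run the checks in the order the page lists them; the first failure wins."""
    if token is None or not token.valid:
        return 401, "unauthorized"
    if token.expires_at <= now:
        return 401, "unauthorized"
    if REQUIRED_SCOPE not in token.scopes:
        return 403, "invalid scopes"
    # Patient lookup happens only after the token and scope checks, so a caller
    # without the scope cannot use 404 responses to probe patient identifiers.
    if patient_id not in db.patients:
        return 404, "not found"
    employees = db.employees.get((token.user_id, token.legal_entity_id), ())
    for emp in employees:
        if (emp, patient_id) in db.approvals or (emp, patient_id) in db.declarations:
            return 200, "ok"
    if employees and token.legal_entity_id in db.plan_entities.get(patient_id, ()):
        return 200, "ok"
    return 403, "Access denied"  # no modelled condition holds: deny by default

# Constructed sample data
NOW = datetime(2024, 1, 1, tzinfo=timezone.utc)
DB = Store(patients={"p1", "p2"}, employees={("u1", "le1"): ["e1"]},
           declarations={("e1", "p1")}, plan_entities={"p2": {"le9"}})
TOKEN = Token(True, datetime(2024, 1, 2, tzinfo=timezone.utc),
              frozenset({"care_plan:read"}), "u1", "le1")
```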
Processing
Service logic
Service returns all Care plans related to the patient filtered by submitted parameters:
Get all care plans by patient_id from care_plans collection (MongoDB)
Filter list above by submitted search parameters
Render a response according to specification with found Care plan entities. Care plans should be rendered without their activities.
Response structure
See on Apiary
...