...

Returns the list of care plans for the specified patient, filtered by the submitted parameters.

Input parameters

| Input parameter | Values | Type | Description | Example |
|---|---|---|---|---|
| patient_id | | String | MPI identifier of the patient | 7c3da506-804d-4550-8993-bf17f9ee0402 |

Filters

| Filter | Values | Type | Description | Example |
|---|---|---|---|---|
| period_date | | Date | date within the Care plan's period, including start and end dates | 2018-08-02 |
| encounter_id | | String | identifier of the encounter in the Care plan | 7c3da506-804d-4550-8993-bf17f9ee0400 |
| based_on | | String | identifier of the Care plan on which the returned Care plans are based | 7c3da506-804d-4550-8993-bf17f9ee0401 |
| part_of | | String | identifier of the parent Care plan which includes the returned Care plans | 7c3da506-804d-4550-8993-bf17f9ee0401 |
| status | | String | Care plan's status | active |
| page | | Number | Page number | 2 |
| page_size | | Number | A limit on the number of objects to be returned, between 1 and 100. Default: 50 | 50 |

Dictionaries

PROVIDING_CONDITION

Request structure

Authorize

  1. Verify the validity of access token

    1. Return (401, 'unauthorized') if validation fails

  2. Verify that token is not expired

    1. in case of error - return (401, 'unauthorized')

  3. Check user scopes in order to perform this action (scope = 'care_plan:read')

    1. Return (403, 'invalid scopes') in case of invalid scope(s)

The request is processed using a token passed in the headers.

Headers

For example:

Content-Type:application/json
Authorization:Bearer {{access_token}}
API-key:{{mis_client_secret}}

Request data validation

Validate Patient

  • Get Patient identifier from the URL

  • Check it exists in DB

    • Return 404 ('not found') in case of error

Validate Care plan

...

Access to the resource is also managed by ABAC rules (EN)

Validate Patient

  1. Get Patient identifier from the URL

  2. Check it exists in DB

    1. Return 404 ('not found') in case of error

...

Validate User

...

Extract user_id from token.

Check that the user has an active and approved employee from the legal entity (token) for which one of the conditions is TRUE:

...

has an active Approval granted by the Patient to write or read the Care plan resource (care plan id from URL)

  • Return 403 ('Access denied') in case the employee has no Approval to read or write

...

has an active declaration with the patient

  • Return 403 ('Access denied') in case there is no active declaration with the patient and none of the other conditions is true

user belongs to the legal entity where the care_plans were created

...

Processing

Service logic

Service returns all Care plans related to the patient filtered by submitted parameters:

  1. Get all care plans by patient_id from care_plans collection (MongoDB)

  2. Filter list above by submitted search parameters

  3. Render a response according to specification with found Care plan entities. Care plans should be rendered without their activities.
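
The Authorize, Validate Patient and Service logic steps above, run in the order the page gives them, as an added Python example that is not part of the original specification or the project's code. The in-memory token store, the care plan records, the `other:read` scope and the `completed` status are constructed; clamping an out-of-range page_size and 1-based page numbers are assumptions, and the Validate User / ABAC checks are left out because the page elides part of them.

```python
from datetime import date, datetime, timezone

# Constructed sample data: token store, record ids, "other:read" and "completed"
# are assumptions for illustration; PATIENT is the example value from the page.
UTC = timezone.utc
PATIENT = "7c3da506-804d-4550-8993-bf17f9ee0402"
TOKENS = {
    "tok-ok": {"expires_at": datetime(2999, 1, 1, tzinfo=UTC), "scopes": {"care_plan:read"}},
    "tok-expired": {"expires_at": datetime(2020, 1, 1, tzinfo=UTC), "scopes": {"care_plan:read"}},
    "tok-noscope": {"expires_at": datetime(2999, 1, 1, tzinfo=UTC), "scopes": {"other:read"}},
}
PATIENTS = {PATIENT, "other-patient"}
CARE_PLANS = [
    {"id": "cp-1", "patient_id": PATIENT, "status": "active",
     "period": (date(2018, 8, 1), date(2018, 8, 2)), "activities": ["a-1"]},
    {"id": "cp-2", "patient_id": PATIENT, "status": "completed",
     "period": (date(2018, 9, 1), date(2018, 9, 30)), "activities": []},
    {"id": "cp-3", "patient_id": "other-patient", "status": "active",
     "period": (date(2018, 8, 1), date(2018, 8, 31)), "activities": []},
]
EQUALITY_FILTERS = ("encounter_id", "based_on", "part_of", "status")


def list_care_plans(token, patient_id, filters=None, now=None):
    """Return (http_status, body) following the page's order of checks."""
    filters = filters or {}
    now = now or datetime.now(UTC)
    session = TOKENS.get(token)
    # Authorize 1-2: unknown or expired token -> 401 before anything is looked up.
    if session is None or session["expires_at"] <= now:
        return 401, "unauthorized"
    # Authorize 3: the token must carry the care_plan:read scope.
    if "care_plan:read" not in session["scopes"]:
        return 403, "invalid scopes"
    # Validate Patient: the identifier from the URL must exist.
    if patient_id not in PATIENTS:
        return 404, "not found"
    # Service logic 1-2: scope the query to the patient first, then filter.
    plans = [p for p in CARE_PLANS if p["patient_id"] == patient_id]
    day = filters.get("period_date")
    if day is not None:  # inclusive of the period's start and end dates
        plans = [p for p in plans if p["period"][0] <= day <= p["period"][1]]
    for key in EQUALITY_FILTERS:
        if key in filters:
            plans = [p for p in plans if p.get(key) == filters[key]]
    # Assumptions: out-of-range page_size is clamped to 1..100; pages are 1-based.
    size = min(max(int(filters.get("page_size", 50)), 1), 100)
    start = (max(int(filters.get("page", 1)), 1) - 1) * size
    # Service logic 3: render care plans without their activities.
    return 200, [{k: v for k, v in p.items() if k != "activities"}
                 for p in plans[start:start + size]]
```

Because the scope check runs before the patient lookup, a token without `care_plan:read` gets 403 whether or not the patient exists, so the 404 cannot be used to probe for patient identifiers.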

Response structure

See on Apiary

...