Table of Contents |
---|
Purpose
This WS merges person with preperson after merge request has been signed by employee.
Specification
...
method is used to sign merge request. Method receives signed message (pkcs7) including signed content, digital signature and signer public key in signed_content
property. All signature fields will be validated (including signer certificate authority).
Specification
Page Properties | |||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| |||||||||||||||||||||||||||
|
Preconditions
Merge request must be approved.
Logic
Only authenticated and authorized SPECIALIST
...
employees can use this WS.
Usage of this WS allowed in EMERGENCY or OUTPATIENT legal entities.
Employee should sign merge request to link person with preperson.
Only request APPROVED by person can be signed.
The request can be signed only by employee who made the request.
Create objects in DB should be done in one transaction.
Status change of the merge request and preperson should be logged in the Event manager.
Succesfull merge does not create record in MPI.persons table for preperson, but deactivates record in MPI.prepersons and linked document in patient collection (mongo)
Data from the field data_to_be_signed used as request data for sign method.
...
Input parameters
Input parameter | Values | Type | Description | Example |
---|---|---|---|---|
id | String | Identifier of the merge request. Required | 7c3da506-804d-4550-8993-bf17f9ee0404 |
Request structure
See on Apiary
Example:
Expand | ||
---|---|---|
| ||
|
Authorize
Verify the validity of access token
Return 401 in case validation fails
Check user scopes in order to perform this action (scope = 'merge_request:
...
sign')
Return 403 in case invalid scope(s)
Check the employee has created this merge request. Thus select inserted_by from il.merge_requests of this merge request and compare it with user_id from the token.
Check that client_id from the token maches with il.merge_requests.legal_entity_id
If not match - return 422 error (User doesn’t belong to legal entity where the merge request was created)
Headers
Content-Type:application/json
Authorization:Bearer {{access_token}}
api-key:{{secret}}
Request data validation
Validate digital signature
Validate digital sign as described on sign patient request process
Check signed content
Check decoded signed content with previously created on IL.db.
|
In case if they are not equal - generate 422 error (message: "Signed content does not match the previously created content")
Generate data for sign and compare it with information from il.merge_requests.data
In case if they are not equal - generate 422 error (message: "Created content has been changed")
Validate schema
Validate request using schema (TBD)
Validate merge request
Validate merge request id exists in DB
In case of error - return 404
Check merge request status is APPROVED
In case of error - return 422 (Incorrect status to sign merge request)
Check signed content
Get previously request data from il.merge_requests.data.
Compare it with request data_ to_be_signed field.
In case they are not equal - return 422 error (Signed content does not match the previously created content)
Check patient_signed = true. It means that person signed printout content.
In case of error - return 422 error (Patient must sign merge request form).
Validate legal entity
Validate legal entity as on create merge request process.
Validate person
Validate person as on create merge request process.
Validate preperson
Validate preperson as on create merge request process, but w/o searching pending merge requests and episodes.
Validate employee
Validate employee as described on reject merge request process.
Check if preperson has at least one episode( status!= "entered_in_error")
if no episodes - return 409 (Preperson has no episodes)
Processing
Save signed merge request to media storage
Get url for merge request upload
...
.
Parameter | Source |
---|---|
action | 'GET' |
bucket | 'MERGE_REQUESTS' |
resource_id | : MERGE_REQUEST_ID |
resource_name | : MERGE_REQUEST_NAME |
timestamp | :TIMESTAMP |
...
Upload signed merge request to media storage.
Create object in DB
mpi.merged_pairs table
Parameter | Source | Description |
---|---|---|
id | uuid | Authogenerated, required. |
master_person_id | merge_requests.master_person_id | Identifier of the person in MPI.persons, required |
merge_person_id | merge_requests.merge_person_id | Identifier of the preperson in MPI.prepersons, required |
inserted_at | timestamp | Get current date-time |
updated_at | timestamp | Get current date-time |
Update object in DB
1. il.merge_requeststable
Parameter | Source | Description |
---|---|---|
status | string | Status of the request, required. Set SIGNED |
merged_pair_id | uuid | Identifier of merged pair. Get from mpi.merged_pair.id |
patient_signed | bool | Evidence that person has signed the merge request. Set from Request, should be true. |
updated_by | uuid | Extract user from token |
updated_at | timestamp | Get current date-time |
2. mpi.prepersons table
Parameter | Source | Description |
---|---|---|
status | string | Status of the preperson, required. Set inactive |
updated_by | uuid | Extract user from token |
updated_at | timestamp | Get current date-time |
3. patients collection (mongo, separate job)
Parameter | Source | Description |
---|---|---|
status | string | Status of the preperson, required. Set inactive |
updated_by | uuid | Extract user from token |
updated_at | timestamp | Get current date-time |
Response structure
See on Apiary
Example:
Expand | ||
---|---|---|
| ||
|
HTTP status codes
Page Properties | |||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| |||||||||||||||||||||
|