Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Table of Contents
minLevel1
maxLevel3

...

Page Properties

Link

https://medicaleventsmisapi.docs.apiary.io/#reference/service-requests/manage-service-requests-in-patient-context/cancel-service-request

Resource

/api/patients/{{id}}/service_requests/{{id}}/actions/cancel

Scope

service_request:cancel

Components

Service request

Microservices

API paragraph not found

Protocol type

REST

Request type

PATCH

Sync/Async

Async

Public/Private/Internal

Public

Logic

Відкликання направлення (entered in error)

This method must be used to cancel existing Service Request. Method receives signed message (pkcs7) that consists of signed content, digital signature and signer public key. All signature fields will be validated (including signer certificate authority)

...

  • Verify the validity of access token

    • Return (401, 'unauthorized') in case of validation fails

  • Verify that token is not expired

    • in case of error - return (401, 'unauthorized')

  • Check user scopes in order to perform this action (scope = 'service_request:cancel')

    1. Return (403, 'invalid scopes') in case of invalid scope(s)

Request to process the request using a token in the headers

Headers

Наприклад:

  • Content-Type:application/json

  • Authorization:Bearer mF_9.B5f-4.1JqM

  • api-key:aFBLVTZ6Z2dON1VIf BLOCK_UNVERIFIED_PARTY_USERS is true, then check party's data match following condition: verification_status != NOT_VERIFIED or (verification_status = NOT_VERIFIED and updated_at > current_date - UNVERIFIED_PARTY_PERIOD_DAYS_ALLOWED):

    • in case not match - return 403 ("Access denied. Party is not verified")

  • If BLOCK_DECEASED_PARTY_USERS is true, check that party is not deceased (party_verification record does not equal to: dracs_death_verification_status = VERIFIED and dracs_death_verification_reason = MANUAL_CONFIRMED):

    • in case of error - return 403 ("Access denied. Party is deceased")

Request to process the request using a token in the headers

Headers

Наприклад:

  • Content-Type:application/json

  • Authorization:Bearer: {{access_token}}

  • api-key: {{secret}}

Request data validation

Validate legal entity

...

Code Block
SELECT e.id FROM employees e WHERE e.party_id = :party_id
AND e.legal_entity_id = :client_id;

2.4 Ensure that $.requester.identifier.value matches with user employees

  1. Validate that DS belongs to the requester of encounter

...

Return 422 with the list of validation errors in case validation fails

Validate permission to cancel

Only doctor who signed this service request is able to cancel this service request

...

to cancel

Only doctor who signed this service request is able to cancel this service request

Implemented by DS validation (see Validate digital signature p.2)

Validate user

Canceling a Service Request is allowed for user if he has one of the following active and approved employee that:

  • is an Employee from legal entity where Service Request is created

    • in case of error - return 409 ("Only an employee from legal entity where service request is created can cancel service request")

Validate transition

Only active service request can be canceled

  1. Get current service request status

    1. Check that status in ('active', 'completed')', 'completed')

      1. in case of error - return 409 error ('Service request in status %status% cannot be canceled')

Validate cancelation reason

  1. Validate $.status_reason.code is a value from eHealth/service_request_cancel_reasons dictionary

    1. in case of error - return

      409 error ('Service request in status %status% cannot be canceled'

      422 ("value is not allowed in enum")

Validate

...

Validate content

Signed content must match with service request in DB in order to be canceled

...

  1. Save signed content to media storage

  2. Update service request status to entered_in_error (update also updated_at, updated_by)

  3. Write record to status history

  4. Send SMS to patient (if authentication_method_current == SMS, do NOT send sms in case performer is present in SR)

    1. Template - TBD

  5. Async! Revoke all approvals made by this service request

  6. if the service request is based on the activity with quantity:

    1. Recalculate and set remaining_quantity for the activity as described at PreQualify Service Request | Validate service request

Response structure

See on Apiary

...