...
Verify the validity of the access token
in case of validation failure, return 401 (“Invalid access token”)
Verify that the token is not expired
in case of error, return 401 (“Invalid access token”)
Check that the user's scopes allow this action (scope = 'approval:create')
in case of invalid scope(s), return 403 (“Your scope does not allow to access this resource. Missing allowances: approval:create”)
Headers
For example:
Content-Type:application/json
Authorization:Bearer d368a4b0-4a0e-457a-b267-32359fa6288f
...
If the service_request block is present in the request:
Get the Service_request details (only in active status)
use Response.permitted_resources as the resources for the approval (they may be an episode or a diagnostic_report)
...
Validate forbidden_group
if the forbidden_group block is present in the request:
Check that the forbidden group in the request exists and is_active in DB
in case of error return 404 (not found)
Validate diagnoses_group
if the diagnoses_group block is present in the request:
Check that the diagnoses_group in the request exists and is_active in DB
in case of error return 404 (not found)
Validate patient
if the patient block is present in the request:
Get patient_id from the URL
Check that person_id from the request equals the patient_id from the URL
in case of error return 404 (“Approval for one patient can not be created in another patient’s context”)
Check that the person exists and is_active in DB
in case of error return 404 (“Person is not found”)
Validate block child_resource
if child_resource is not empty:
validate that access_level == read
in case of error return 422 ("$.access_level. value is not allowed in enum")
check that the context of $.child_resource.identifier.value (the entity the child resource belongs to) is equal to $.resource.identifier.value
in case of error return 422 ("Child resource context id is not equal to granted resource id")
validate that service_requests / forbidden_groups / diagnoses_group / patients are not filled
in case of error return 422 ("schema does not allow additional properties")
validate that resources contains at most 1 item
in case of error return 422 ("$.resources.expected a maximum of 1 items but got 2")
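The authorization and request-validation steps above, walked through as one function that returns the status code and message the spec assigns to each check. This is an added example, not eHealth's own code. Everything it stores is constructed in-memory data: the token table (reusing the token value from the Headers example), a tiny DB of persons and groups, and a `CONTEXTS` map from a child resource id to the id of the entity it belongs to. The spec addresses identifiers as `$.child_resource.identifier.value`, so the example assumes every block in the body carries the same `identifier.value` shape; the 201 success status is also an assumption (the response structure lives on Apiary).

```python
"""Create Approval: authorization and body validation, following the spec's steps.

Added example, not the eHealth project's code. Assumptions not in the spec:
TOKENS / DB / CONTEXTS are constructed in-memory stores, every body block is
addressed as <block>.identifier.value, and success is reported as 201.
"""
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

SCOPE = "approval:create"


@dataclass
class ApiError(Exception):
    """HTTP status and message the spec assigns to a failed check."""
    status: int
    message: str


def check_authorization(headers: dict, tokens: dict, now: datetime) -> dict:
    """401 for a missing, unknown or expired token; 403 for a missing scope."""
    scheme, _, token = headers.get("Authorization", "").partition(" ")
    record = tokens.get(token) if scheme == "Bearer" else None
    if record is None or record["expires_at"] <= now:
        raise ApiError(401, "Invalid access token")
    if SCOPE not in record["scopes"]:
        raise ApiError(403, "Your scope does not allow to access this resource. "
                            f"Missing allowances: {SCOPE}")
    return record


def _ident(block: dict) -> str:
    return block["identifier"]["value"]


def _is_active(db: dict, table: str, ident: str) -> bool:
    row = db.get(table, {}).get(ident)
    return bool(row and row.get("is_active"))


def validate_body(body: dict, url_patient_id: str, db: dict, contexts: dict) -> None:
    """Raise ApiError with the spec's status/message on the first failing check."""
    if "patient" in body:
        # person_id from the request must equal patient_id from the URL
        if _ident(body["patient"]) != url_patient_id:
            raise ApiError(404, "Approval for one patient can not be created "
                                "in another patient's context")
        if not _is_active(db, "person", url_patient_id):
            raise ApiError(404, "Person is not found")

    for block in ("forbidden_group", "diagnoses_group"):
        if block in body and not _is_active(db, block, _ident(body[block])):
            raise ApiError(404, "not found")

    child = body.get("child_resource")
    if child:
        if child.get("access_level") != "read":
            raise ApiError(422, "$.access_level. value is not allowed in enum")
        for extra in ("service_requests", "forbidden_groups", "diagnoses_group", "patients"):
            if extra in body:
                raise ApiError(422, "schema does not allow additional properties")
        resources = body.get("resources", [])
        if len(resources) > 1:
            raise ApiError(422, f"$.resources.expected a maximum of 1 items but got {len(resources)}")
        # The child's context (the entity it belongs to) must be the single granted resource.
        granted = _ident(resources[0]) if resources else None
        if contexts.get(_ident(child)) != granted:
            raise ApiError(422, "Child resource context id is not equal to granted resource id")


def create_approval(headers, body, url_patient_id, tokens, db, contexts, now):
    """Run all checks; return (status, message) instead of raising."""
    try:
        check_authorization(headers, tokens, now)
        validate_body(body, url_patient_id, db, contexts)
    except ApiError as err:
        return err.status, err.message
    return 201, "created"  # assumed success status; see the Apiary response structure


# ---- constructed sample data ------------------------------------------------
NOW = datetime(2024, 1, 1, 12, 0, tzinfo=timezone.utc)
TOKENS = {
    "d368a4b0-4a0e-457a-b267-32359fa6288f": {"expires_at": NOW + timedelta(hours=1), "scopes": {SCOPE}},
    "expired-token": {"expires_at": NOW - timedelta(minutes=1), "scopes": {SCOPE}},
    "wrong-scope-token": {"expires_at": NOW + timedelta(hours=1), "scopes": {"other:scope"}},
}
DB = {
    "person": {"p-1": {"is_active": True}},
    "forbidden_group": {"fg-1": {"is_active": True}, "fg-old": {"is_active": False}},
    "diagnoses_group": {"dg-1": {"is_active": True}},
}
CONTEXTS = {"obs-1": "enc-1"}  # child observation obs-1 belongs to encounter enc-1
HEADERS = {"Content-Type": "application/json",
           "Authorization": "Bearer d368a4b0-4a0e-457a-b267-32359fa6288f"}
GOOD_CHILD_REQUEST = {
    "resources": [{"identifier": {"value": "enc-1"}}],
    "child_resource": {"identifier": {"value": "obs-1"}, "access_level": "read"},
}

if __name__ == "__main__":
    print(create_approval(HEADERS, GOOD_CHILD_REQUEST, "p-1", TOKENS, DB, CONTEXTS, NOW))
```

The checks are ordered as in the spec, except that the resource count is verified before the single resource's identifier is read, so an oversized `resources` array yields the max-items 422 rather than a context mismatch.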
Validate person authentication_method
...
block | granted_resources | access_level | access to | reason |
---|---|---|---|---|
resources | episode_of_care | read | Reading all data of the episode specified in the approval | null |
resources | diagnostic_report | read | Reading all data of the diagnostic report specified in the approval | null |
resources | diagnostic_report | write | Canceling the diagnostic report package | |
resources | care_plan | read | Reading all data of the care plan specified in the approval | null |
resources | care_plan | write | Creating activities for the care plan, cancelling medication requests, or recalling/cancelling service requests based on the care plan | |
resources | encounter | write | Canceling the encounter data package | null |
resources | procedure | write | Canceling the procedure | null |
child_resources | diagnostic_report | read | Reading all data of the diagnostic_report within the specified context | null |
child_resources | encounter | read | Reading all data of the encounter within the specified context | null |
child_resources | condition | read | Reading all data of the condition within the specified context | null |
child_resources | observation | read | Reading all data of the observation within the specified context | null |
child_resources | activity | read | Reading all data of the activity within the specified context | null |
child_resources | clinical_impression | read | Reading all data of the clinical_impression within the specified context | null |
child_resources | allergy_intolerance | read | Reading all data of the allergy_intolerance within the specified context | null |
child_resources | immunization | read | Reading all data of the immunization within the specified context | null |
child_resources | device | read | Reading all data of the device within the specified context | null |
child_resources | risk_assessment | read | Reading all data of the risk_assessment within the specified context | null |
child_resources | procedure | read | Reading all data of the procedure within the specified context | null |
service_request | episode_of_care | read | Reading data of the granted_resources in the approval's service request | service_request |
service_request | diagnostic_report | read | Reading data of the granted_resources in the approval's service request | service_request |
forbidden_group | forbidden_group | read | Reading all medical events with items (codes/services/service_groups) of the forbidden groups specified in the approval | null |
diagnoses_group | episode_of_care array | read | Reading all data of episodes whose diagnoses_history.codes are specified in the approval's diagnoses group | null |
patient_id | patient_id | read | Reading all data of the specified patient | null |
Validate authorize_with
The patient may pass the id of the auth_method with which they want to confirm the approval. The required auth method can be found via Get person's auth methods.
...
All approvals in status "new" should be deleted 12 hours after creation (env. configuration parameter)
All approvals with forbidden_group have their own expires_at (env. configuration parameter)
All approvals with care_plan have their own expires_at (env. configuration parameter)
All approvals with patient have their own expires_at (env. configuration parameter)
Approvals with child_resources are created ON the entity that is the context of these child_resources.
For approvals on a child_resource (with its resource) and on a service_request:
set the child resource in the reason block
set the service_request in the reason block
Check whether the granted_resource and/or the reason contain items from forbidden groups
if there are items from a forbidden group:
check the type of the patient's authentication_method
if type = 'OTP', send SMS: Код <code>: доступ на записи ВІЛ та/або РПП https://bit.ly/nszu1677a (Code <code>: access to HIV and/or РПП records https://bit.ly/nszu1677a)
if there are NO forbidden group items:
check the type of the patient's authentication_method
if type = 'OTP', send SMS: Код авторизації дій в системі eHealth: <code> (Authorization code for actions in the eHealth system: <code>)
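The forbidden-group check and the OTP message selection above, plus the purge of stale "new" approvals, as an added example that is not eHealth's own code. The spec says to inspect both the granted_resource and the reason, so both are passed in as one list of events. Assumed shapes (not in the spec): a medical event is a dict with a `codes` list, a forbidden group is a dict with `is_active` and an `items` list of codes, an approval carries `status` and `inserted_at`, and the 12-hour window is passed in as a `timedelta`. The codes and group contents are constructed sample data with no clinical meaning.

```python
"""Forbidden-group check, OTP SMS choice and stale-approval purge for Create Approval.

Added example, not the eHealth project's code. Assumed shapes (not in the spec):
event = {"codes": [...]}, forbidden group = {"is_active": bool, "items": [...]},
approval = {"status": str, "inserted_at": datetime}.
"""
from datetime import datetime, timedelta, timezone

# Literal SMS templates from the spec; <code> becomes the OTP value.
SMS_FORBIDDEN = "Код {code}: доступ на записи ВІЛ та/або РПП https://bit.ly/nszu1677a"
SMS_GENERIC = "Код авторизації дій в системі eHealth: {code}"


def forbidden_items_in(events: list, forbidden_groups: list) -> set:
    """Item codes from active forbidden groups that occur in the given events.

    Pass the granted resource(s) and the reason block together: the spec checks
    'for granted_resource and/or for reason'. Inactive groups are ignored, which
    mirrors the is_active check applied to forbidden groups earlier (assumption).
    """
    forbidden = {item for group in forbidden_groups if group.get("is_active")
                 for item in group.get("items", [])}
    present = {code for event in events for code in event.get("codes", [])}
    return forbidden & present


def otp_sms(auth_method: dict, events: list, forbidden_groups: list, code: str):
    """Return the SMS text for an OTP auth method, or None for any other type."""
    if auth_method.get("type") != "OTP":
        return None  # the spec only describes the OTP branch
    template = SMS_FORBIDDEN if forbidden_items_in(events, forbidden_groups) else SMS_GENERIC
    return template.format(code=code)


def purge_stale_new(approvals: list, now: datetime, ttl: timedelta = timedelta(hours=12)) -> list:
    """Keep every approval except those still in status 'new' older than ttl."""
    return [a for a in approvals
            if not (a["status"] == "new" and now - a["inserted_at"] >= ttl)]


# ---- constructed sample data ------------------------------------------------
GROUPS = [
    {"is_active": True, "items": ["code-A", "code-B"]},
    {"is_active": False, "items": ["code-Z"]},   # retired group, must not trigger
]
GRANTED = {"codes": ["code-C"]}                  # stands in for the granted resource
REASON = {"codes": ["code-A"]}                    # stands in for the reason block
NOW = datetime(2024, 1, 1, 12, 0, tzinfo=timezone.utc)
APPROVALS = [
    {"id": "fresh", "status": "new", "inserted_at": NOW - timedelta(hours=1)},
    {"id": "stale", "status": "new", "inserted_at": NOW - timedelta(hours=13)},
    {"id": "done", "status": "active", "inserted_at": NOW - timedelta(days=3)},
]

if __name__ == "__main__":
    print(otp_sms({"type": "OTP"}, [GRANTED, REASON], GROUPS, "4821"))
    print([a["id"] for a in purge_stale_new(APPROVALS, NOW)])
```

Note that the forbidden-group SMS fires even when only the reason block (here `REASON`) touches a forbidden group while the granted resource itself does not.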
Response structure
See on Apiary
...