Versions Compared

Version Old Version 33 New Version Current
Changes made by

Dmytro Omelchenko (SoE eHealth)

Yuliia Mazur (UA SoE eHealth)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Table of Contents

...

Page Properties

Link

https://ehealthmisapi1.docs.apiary.io/#reference/public.-medical-service-provider-integration-layer/person-requests/sign-person-request

Посилання на Apiary або Swagger

Resource

/api/person_requests/{{id}}/actions/sign

Посилання на ресурс, наприклад: /api/persons/create

Scope

person_request:write

Scope для доступу

Components

Patient registry

Зазначається перелік бізнес компонентів, які використовують цей метод, наприклад: ePrescription

Microservices

il/api

fe/admin-web

Перелік мікросервісів, які використовує метод API, наприклад: Auth, ABAC

Protocol type

REST

Тип протоколу, який використовується запитом, наприклад: SOAP | REST

Request type

PATCH

Тип запиту API, наприклад: GET, POST, PATCH…

Sync/Async

Sync

Метод є синхронним чи асинхронним?

Public/Private/Internal

Public

...

Person request must be approved.

Input parameters

Input parameter

Values

Type

Description

Example

id

 

String

Required

eeebb86d-5cba-43c9-885b-6482ecaf826b

Request structure

Example:

...

  1. Verify the validity of access token

    1. Return (401, 'Invalid access token') in case of validation fails.

    Check scopes

  2. Verify that token is not expired

    • in case of error - return (401, 'Invalid access token')

  3. Check user scopes in order to perform this action (scope = 'person_request:write')

    • Return (403, 'Your scope does not allow to access this resource. Missing allowances: person_request:write') in case of invalid scope(s)

    .

Digital signature

Decode content that is encrypted in an electronic digital signature.
Use Digital signature WS. Method checks digital signature and returns result.
See service specification.

...

Latin to Cyrillic mapping

Code Block
%{"A" => "А", "B" => "В", "C" => "С", "E" => "Е", "H" => "Н", "I" => "І", "K" => "К", "M" => "М", "O" => "О", "P" => "Р", "T" => "Т", "X" => "Х"}

Validate request

  1. Validate request using JSON schema (See specification)

    1. In case validation fails - generate 422 error.

  2. Check patient request status

    1. If status is not APPROVED, - returned error 'Incorrect status'.

...

Check decoded signed content with previously created on IL.db.

Code Block
SELECT data
FROM patient_requests
WHERE id = {:id}

In case if they are not equal - generate 422 error (message: "Signed content does not match the previously created content")

...

Start date: start_date = Current_date()

End date:

if (person.age < prm.global_parameters.no_self_auth_age) {

  end_date = end_date =birth_date + prm.global_parameters.no_self_auth_age - 1d;

} else {

  end_date = start_date + third_person_term;

}

Also to table person_auth_methods add this method as default(field `default` = TRUE) - it's for all auth_method.type

Check if Person should be sent for verification

Please note, (GraphQL) Update person refers to this validation.

if person’s data match any of the following rules:

validate all Rules 01-05

  1. Person has OFFLINE auth method
    if create Person process, check Request
    if update Person process, check within MPI.person_athentication_methods table

  2. Person's age >= no_self_auth_age and no_tax_id = true (check in Request)

  3. Person's age >= no_self_auth_age and Person’s tax_id is invalid (i.e. not match with birth date or gender or invalid checksum) (check in Request)

  4. Person’s age < no_self_auth_age and has document with type BIRTH_CERTIFICATE_FOREIGN (check in Request)

  5. Person’s age >= no_self_auth_age and has document with type PERMANENT_RESIDENCE_PERMIT (check in Request)

then

manual verification is needed

  • Set MPI.persons.verification_status = VERIFICATION_NEEDED and

  • Set MPI.persons.verification_reason = RULES_TRIGGERED and

  • Create StateChangeEvent in event manager with new verification status

else

person will be verified with Registers

  • Set MPI.persons.verification_status = VERIFICATION_NEEDED and

  • Set MPI.persons.verification_reason = RULES_PASSED and

  • Set MPI.persons.verification_comment = NULL and

  • Create StateChangeEvent in event manager with new verification status

Submit person on verification

Info

Please note, (GraphQL) Update person refers to this section.

Create or update existing record in person_verifications table for a person according to logic in sections below. Also, set:

  • updated_at = now()

  • updated_by = user uuid

  • inserted_at = now() (for new records)

  • inserted_by = user uuid (for new records)

Manual NHS verification

If person’s data match any of the following rules:

  1. Person has OFFLINE auth method
    if create Person process, check Request
    if update Person process, check within MPI.person_athentication_methods table

  2. Person's age >= no_self_auth_age and no_tax_id = true (check in Request)

  3. Person's age >= no_self_auth_age and Person’s tax_id is invalid (i.e. not match with birth date or gender or invalid checksum) (check in Request)

  4. Person’s age < no_self_auth_age and has document with type BIRTH_CERTIFICATE_FOREIGN (check in Request, within $.person.documents and $.person.confidant_person[:].documents_relationship[:])

  5. Person’s age >= no_self_auth_age and has document with type PERMANENT_RESIDENCE_PERMIT (check in Request)

thenmanual verification is needed. Set to person verification record:

  • nhs_verification_status = VERIFICATION_NEEDED

  • nhs_verification_reason = RULES_TRIGGERED

else manual verification is not needed. Set to person verification record:

  • nhs_verification_status = VERIFIED

  • nhs_verification_reason = RULES_PASSED

  • nhs_verification_comment = NULL

DRFO registry verification

Set to person verification record:

  • drfo_data_id = NULL

  • drfo_data_result = NULL

  • drfo_synced_at = NULL

  • drfo_verification_status = VERIFICATION_NEEDED

  • drfo_verification_reason = ONLINE_TRIGGERED

Then person will be verified online with DRFO registry via separate process: https://e-health-ua.atlassian.net/wiki/spaces/DRACS/pages/17250713607/DRFO + data + synchronization +for+Persons#Data-flowfor Persons_EN

DRACS death acts registry verification

Set to person verification record as ready for online verification with DRACS death acts registry:

  • dracs_death_verification_status = VERIFICATION_NEEDED

  • dracs_death_verification_reason = ONLINE_TRIGGERED

  • dracs_death_online_status = READY

Then person will be verified online with DRACS death acts registry via separate process: https://e-health-ua.atlassian.net/wiki/spaces/DRACS/pages/17249763472Online verification of Persons with DRACS death acts registry_EN

Calculate cumulative verification status

Calculate persons cumulative verification status based on persons verification status in each stream: Manual NHS verification, DRFO registry verification, DRACS death acts registry verification according to logic described at https://e-health-ua.atlassian.net/wiki/spaces/DRACS/pages/17250582534/Person +verification+status+model#Cumulative- verification - status model_EN :

  • Set calculated status to persons.verification_status field

  • Create StatusChangeEvent in event manager with new verification status

Response structure

Example:

...