Table of Contents | ||||
---|---|---|---|---|
|
Required parameters are marked with "*"
...
Purpose
...
This WS allows to create medical program provision by divisions of user’s legal entity. It shows what divisions provides medical program according to legal entity contractprogram.
Key points
This is a REST method.
Only authenticated and authorized pharmacy owner with appropriate scope can create a Medical program provision.
Request should be signed with DS.
User can add multiple divisions at once to provide a medical program.
Specification
...
Page Properties | ||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Logic*
This method allows to create medical program provision by divisions of user’s legal entity. It shows what divisions provide medical program according to legal entity contract. Method receives signed message (pkcs7) that consists of signed content, digital signature and signer public key. All signature fields will be validated (including signer certificate authority). Service will store signed copy of the request in Media Content Storage if all checks is passed.
Key points
This is a REST method.
Only authenticated and authorized legal entity owner with appropriate scope can create a Medical program provision.
Request should be signed with DS.
User can add multiple divisions at once to provide a medical program.
...
|
Preconditions
MSP/Pharmacy contracts should be created and signed with NHS
Logic
Save signed content to media storage. Look at Bucket structure for details.
Save records to the database according to Data model
Request structure
See on Apiary
Example:
Expand | ||
---|---|---|
| ||
|
Dummy example:
Expand | ||
---|---|---|
|
Authorize
...
Verify the validity of access token
in case of error - return 401 “Invalid access token” in case of validation fails
Verify that token is not expired
in case of error - return 401 “Invalid access token”
Check user scopes in order to perform this action (scope = 'medical_program_provision:write')
return 403 “Your scope does not allow to access this resource. Missing allowances: medical_program_provision:write” in case of invalid scope(s)
Request to process the request using a token in the headers
Headers
...
Наприклад:
Content-Type:application/json
Authorization:Bearer F3GF124Df565FDS234SDF34
api-key:aDGFDFGT46S5gFGD
Request data validation
...
Validate Digital Sign
Validate request is signed
in case of error - return 422 “document must be signed by 1 signer but contains 0 signatures”
Check DS is valid and not expired
Validate that DS belongs to the user
Check that DRFO from DS and party.tax_id matches
in case of error - return 409 “Signer DRFO doesn't match with requester tax_id“422 “Does not match the signer drfo“
Validate legal entity
Extract client_id from token.
Check client scopes in order to perform this action (scope = 'medical_program_provision:write')
in case of error - return 403 “Your scope does not allow to access this resource. Missing allowances: medical_program_provision:write”
Check legal entity status (status = ACTIVE, SUSPENDEDSUSPENDED)
In case of error - return 422 “Legal entity is not active”
Validate request
...
Validate
contract_number
, if submitted:Select contract_number from contracts where:
type = REIMBURSEMENT
is_active=true
status =
...
VERIFIED
contractor_legal_entity = client_id (from token)
in case of error - return 422 “Your legal entity has no reimbursement contract with number <contract_number> or it is not active”
...
Validate
medical_program_id
:Сheck program exists and active
in case of error - return 422 “Medical program not found”
If medical program has funding_source is in ('NHS', 'LOCAL')
in case of error - return 422 “Medical program not found“
If medical program has funding_source = NHS:
Validate
contract_number
submitted:in case of error - return 422 “Contract number should be submitted for medical program with NHS funding source“
Check medical program belongs to the contract
in case of error - return 422 “Medical program does not belong to contract”
...
If medical program has funding_source = LOCAL:
Validate
msp_legal_entity_id
submitted:in case of error - return 422 “MSP legal entity should be submitted for medical program with LOCAL funding source“
Validate
divisions
:Check divisions are not duplicated in the array
in case of error - return 422 “Division list has duplicated identifiers in the request”
For each division in the array:
Validate it exists and active (is_active = true and status = ACTIVE):
in case of error - return 422 “Division
...
does not exist or not active”
If chart
...
parameter
DISPENSE_DIVISION_DLS_VERIFY
...
is on,
...
then validate it DLS verified (dls_verified=true)
in case of error - return 422 “Division with id <id> is not verified in DLS”
Validate it belongs to the legal entity (client_id from token)
in case of error - return 422 “Division
...
does not belong to legal entity”
Validate there is no existing active records with the same division, medical program
...
, contract number or msp_legal_entity_id
in case of error - return 422 “The medical program has already been provided by division according to the contract or MSP legal entity“
Validate it is DLS verified by one of the params (if both params are on, check that at least one of checks passes):
If chart parameter DISPENSE_DIVISION_DLS_VERIFY is on, check that division.dls_verified=true
If chart parameter DISPENSE_DIVISION_HEALTHCARE_SERVICE_DLS_VERIFY is on, check that exists healthcare service with division
...
_id = $.divisions.[*], category = ‘PHARMACY’, status = ‘ACTIVE’ and licensed_healthcare_service.status = ‘ACTIVE’
in case of error - return 422 “Division with id <id> is not verified in DLS”
Validate
msp_legal_entity_id
, if submitted:Check legal entity exists and is_active:
in case of error - return 422 “MSP legal entity not found”
Check legal entity status (status = ACTIVE, SUSPENDED)
In case of error - return 422 “Invalid status of MSP legal entity”
Check legal entity type (type = PRIMARY_CARE, OUTPATIENT, EMERGENCY)
In case of error - return 422 “Legal entity type should be of PRIMARY_CARE, OUTPATIENT or EMERGENCY”
Processing
Save signed content to media storage. Look at Bucket structure for details.
Save records to the database according to Data model
Response structure
...
See on Apiary
Example:
Expand | ||
---|---|---|
| ||
|
...
API paragraph not found
HTTP status codes
...
HTTP status code | Message | What caused the error |
---|---|---|
201 | Response |
|
401 | Invalid access token | |
403 | Your scope does not allow to access this resource. Missing allowances: medical_program_provision:write | |
422 | Validation error |