Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

Table of Contents

Purpose

Specification

Apiary TBD

...

Table of Contents

Purpose

This method used for update equipment data, except link with division and status

Specification

Page Properties
idAPI_Specification

Link

https://ehealthmisapi1.docs.apiary.io/#reference/public.-medical-service-provider-integration-layer/equipment/update-equipment

Посилання на Apiary або Swagger

Resource

/api/equipment/{{id}}

Посилання на ресурс, наприклад: /api/persons/create

Scope

equipment:write

Scope для доступу

Components

Devices and equipment

Зазначається перелік бізнес компонентів, які використовують цей метод, наприклад: ePrescription

Microservices

API paragraph not found

Перелік мікросервісів, які використовує метод API, наприклад: Auth, ABAC

Protocol type

REST

Тип протоколу, який використовується запитом, наприклад: SOAP | REST

Request type

PATCH

Тип запиту API, наприклад: GET, POST, PATCH…

Sync/Async

Sync

Метод є синхронним чи асинхронним?

Public/Private/Internal

Public

Потрібно зазначити тип методу за ступенем доступності

Logic

  1. Only authenticated and authorized HR, ADMIN, OWNER employees can update equipment.

  2. Equipment can be updated from MSP, OUTPATIENT, PRIMARY_CARE and EMERGENCY legal entities.

  3. Only ACTIVE equipment can be updated.

  4. Update of division_id and status is not allowed with this service.

  5. Legal entity can update only its own equipments.

Input parameters

Input parameter

Values

Type

Description

Example

id

String

Equipment identifier. Required

d290f1ee-6c54-4b01-90e6-d701748f0851

Request structure

Example:

Expand
titleRequest example
Code Block
{
  "type": "23143534",
  "external_id": "123-ASD-#1",
  "udi": [
    {
      "value": "IMEI 49015420323751",
      "type": "default",
      "assigner_name": "Ukrainian center of the certification"
    }
  ],
  "lot_number": "RZ12345678",
  "manufacturer": "GlobalMed, Inc",
  "manufacture_date": "1999-01-01",
  "expiration_date": "2020-01-01",
  "model_number": "NSPX30",
  "part_number": "#e30-SD",
  "version": "v1.0.

...

1",
  "name": "Рентген апарат флюрографічній",
  "serial_number": "S/N234554",
  "note": "Технічний огляд раз на рік"
}

Authorize

  1. Verify the validity of access token

    1. Return 401 in case validation fails

  2. Check user scopes in order to perform this action (scope = 'equipment:write')

    1. Return 403 in case invalid scope(s)

Headers

Наприклад:

Content-Type:application/json

Authorization:Bearer c2778f3064753ea70de870a53795f5c9

api-key:uXhEczJ56adsfh3Ri9SUkc4en

Request data validation

Validate legal entity

Check that legal entity is active (status = ACTIVE, SUSPENDED)

...

  1. Extract client_id

...

  1.  from token (token.client_id == legal_entity_id)

  2. Check legal entity status (status = ACTIVE, SUSPENDED)

    1. In case of error - return 409 (Legal entity must be ACTIVE or SUSPENDED)

Validate equipment

  1. Check that ID in URL exists in the system

    1. In case of error - return 404

  2. Check that equipment belongs to the same legal entity as the user

    1. In case of error - return 403

Validate request

Validate request using schema (TBD)

Processing

Update object in DB

1. 

...

equipment table

Parameter

Source

Description

type

Request: type

Get from request body

external_id

Request: external_id

Get from request body

udi

Request: udi

Get from request body

lot_number

Request: lot_number

Get from request body

manufacturer

Request: manufacturer

Get from request body

manufacture_date

Request: manufacture_date

Get from request body

expiration_date

Request: expiration_date

Get from request body

model_number

Request: model_number

Get from request body

part_number

Request: part_number

Get from request body

version

Request: version

Get from request body

name

Request: name

Get from request body

serial_number

Request: serial_number

Get from request body

note

Request: note

Get from request body

updated_at

Timestamp: now()

Get current date-time

updated_by

Token:

...

 user_id

Extract user from token

Response structure

Example:

Expand
titleResponse example
Code Block
{
  "meta": {
    "code": 200,
    "url": "https://example.com/resource",
    "type": "object",
    "request_id": "6617aeec-15e2-4d6f-b9bd-53559c358f97#17810"
  },
  "data": {
    "id": "7c3da506-804d-4550-8993-bf17f9ee0402",
    "division_id": "8be63914-a278-470b-b868-1af5b9087332",
    "legal_entity_id": "483af06f-d4c6-4c9e-8d9b-680b5ef7270d",
    "type": "23143534",
    "external_id": "123-ASD-#1",
    "udi": [
      {
        "value": "IMEI 49015420323751",
        "type": "default",
        "assigner_name": "Ukrainian center of the certification"
      }
    ],
    "lot_number": "RZ12345678",
    "manufacturer": "GlobalMed, Inc",
    "manufacture_date": "1999-01-01",
    "expiration_date": "2020-01-01",
    "model_number": "NSPX30",
    "part_number": "#e30-SD",
    "version": "v1.0.1",
    "name": "Рентген апарат флюрографічній",
    "serial_number": "S/N234554",
    "note": "Технічний огляд раз на рік",
    "status": "ACTIVE",
    "is_active": true,
    "inserted_at": "2017-04-20T19:14:13Z",
    "inserted_by": "e1453f4c-1077-4e85-8c98-c13ffca0063e",
    "updated_at": "2017-04-20T19:14:13Z",
    "updated_by": "2922a240-63db-404e-b730-09222bfeb2dd"
  }
}

HTTP status codes

Page Properties
idAPI_HTTP status codes

HTTP status code

Message

What caused the error

200

 Response

 

401

 

 Access token validation failed

403

  • Invalid scope(s)

  • Check that equipment belongs to the same legal entity as the user failed

404

Validation failed

409

Validation failed