Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

Introduction

Web service "Submit Activity Type Package" allows to transmit new or update existing activity type, its related data and legal entity licenses in e-Health system in one call. Activity types are created/updated one by one.

Specification

Apiary

Validation

Authorization

  1. Verify the validity of access token
    1. in case of error return 401 ('Access denied')
  2. Check user scope activity_type:write in order to perform this action
    1. in case of error generate 403 response ('Invalid scopes')

Request validation

Note: All IDs, submitted as PK, should be unique for eHealth when creating new record

Validate Owner

  1. Check that one of token.user_id employees is an OWNER of current legal_entity 
    1. in case validation fails - generate 409 - "Only owner of legal entity can create or update activity types and(or) licenses for legal entity"

Validate digital signature

  1. Validate signature 
  2. Extract signer Certificate details

Validate encoded signed content according to JSON Schema

  1. Return 422 with list of validation errors in case validation fails

Validate Legal Entity

  1. Check that legal_entities.is_active = true and legal_entities.status = active for current legal entity
    1. in case of error return 409 - "legal entity is not active"
  2. token.Client_id must match current legal entity
    1. in case of error return 422 
  3. EDRPOU for token.client_id must match EDRPOU $.legal_entity.edrpou
    1. in case of error return 422 

Validate Tax ID

  1. Check that EDRPOU in Certificate details exists and not empty
    1. Check that EDRPOU in Certificate details is valid according to ^[0-9]{8,10}$
    2. Check that EDRPOU in Certificate details is equal to $.legal_entity.edrpou  
      1. In case validation fails - generate 422 error
  2. If EDRPOU in Certificate details is empty check that DRFO exists and not empty
    1. Check that DRFO in Certificate details is valid according to ^[0-9]{9,10}$
    2. Check that DRFO in Certificate details is equal to $.legal_entity.edrpou 
      1. In case validation fails - generate 422 error
  3. In case EDRPOU and DRFO is empty return error 422, msg "EDRPOU and DRFO is empty in digital sign"

Validate Licenses

  1. Apply current validations which depends on license type
  2. Check that legal entity has at least one kved which corresponds to license type according to the following table
    1. in case validation fails - generate 409 - "Legal entity does not have any KVED corresponding to license type"

      LICENSE_TYPE
      Rule
      MSPat least one KVED from KVEDS_ALLOWED_MSP
      PHARMACYat least one KVED from KVEDS_ALLOWED_PHARMACY


  3. Check that license type is not changed and license is active and is not expired for existing license
    1. if $.license.id is not null then search for current legal entity license in prm.licenses with id = $.license.id 
      1. If record is found then check that:
        1. prm.licenses.is_active = true
          1. in case validation fails - generate 409 - "Inactive license update is not allowed"
        2. prm.licenses.type = $.license.type 
          1. in case validation fails - generate 409 - "License type update is not allowed"
        3.  If $.licenses data is not provided check that prm.licenses.expiry_date is empty or more than today
          1. in case validation fails - generate 409 - "Activity type can not be linked to expired license"
      2. if record is not found generate 422

Validate Activity Type

  1. Check that activity_type type is not changed and activity_type is active for existing activity_type
    1. If $.activity_type.id is not null then search for current legal entity activity type in prm.activity_types where id = $.activity_type.id
      1. if record is found then check that
        1. prm.activity_types.type = $.activity_type.type
          1. in case validation fails - generate 409 - "Update of type for activity type is not allowed"
        2. prm.activity_types.is_active = true
          1. in case validation fails - generate 409 - "Inactive activity type update is not allowed"
  2. Check that activity type with the same type does not exist in DB for new activity type
    1. If $.activity_type.id is null then search for current legal entity activity type in prm.activity_types where is_active=true and type = $.activity_type.type
      1. If record is found then generate 409 - "Active activity type with the same type already exists"
  3. Check $.activity_type.type license obligation and license type needed (see table below) 
    1. If license is a must:
      1. check that $.activity_type.license_id is not null or ($.licenses has data and $.licenses.id is null)
        1. in case validation fails - generate 422
      2. if $.activity_type.license_id is not null then check that $.activity_type.license_id = $.licenses.id 
        1. in case validation fails - generate 409 - "Activity type linked license has to be the same as license"
      3. If $.license.type is provided then check that $.license.type is of needed type
        1. in case validation fails - generate 409 - "Activity type does not correspont to its license type"
      4. If  $.license.type is not provided then check that prm.licenses.type is of needed type
        1. in case validation fails - generate 409 - "Activity type does not correspont to its license type" 

...

Activity typeLicense neededLicense type
PRIMARY_CAREYMSP
AMBULATORYYMSP
PHARMACYYPHARMACY
MISN
NHSN


Processing

  1. Search for current legal entity license in prm.licenses where id = $.license.id
    1. if record is found update it 
    2. if record is not found create new record
    3. set nhs_verified = false
  2. Search for current legal entity activity type in prm.activity_types where id = $.activity_type.id
    1. If record is found update it
      1. if prm.activity_types.status <> active then set prm.activity_types.status = active, write to audit_log
    2. if record is not found create new record with status = active
    3. set nhs_verified = false
  3. Find contracts by contractor_legal_entity_id for current legal entity where status='VERIFIED' AND ops.contracts.type corresponding to activity_type (use ops.contracts.type to activity_type mapping described in https://zube.io/edenlabllc/e-health/c/5969capitation_activity_types: PRIMARY_CARE, reimbursement_activity_types: PHARMACY)
    1. set ops.contracts.is_suspended=true
  4. Save signed_content to Media Storage
    1. every version should be saved
  5. Save data to corresponding collections in DBs
  6. Save link to the signed content to the activity type

...