Authorize
Verify the validity of access token
in case error return 401
Check users scopes (declaration_request:write) to perform this action
in case error return 403 - forbidden
Validate request using JSON schema
Validate Legal Entity Type
Validate legal entity from token: legal_entities.type should be in DECLARATION_REQUEST_LEGAL_ENTITY_TYPES("MSP,PRIMARY_CARE,MSP_PHARMACY") and legal_entities.status =='active'
Validate doctor
Get employee details
Invoke Get employee details
Validate Response $.data.employee_type == DOCTOR
Take the doctor_id and the division_id from the token
Validate person
validate person_id UUID
in case error return 422
search person by person_id in MPI
in case error return 404, "Such person doesn't exist"
validate person.auth_method != NA
in case error return 422, "Person must have authentication method"
validate person.status = ‘active’ and is_active =true
in case error return 404, "Such person doesn't exist"
Validate authorize_with
The person can pass the id of his auth_method which he wants to confirm the create declaration request. The necessary auth method can be found by making Get person's auth methods
validate auth_method.id is UUID
in case error return 422
search auth method in MPI.person_authentication_method
in case error return 422, "such authentication method doesn't exist"
search auth method of this person where MPI.person_authentication_method.person_id = $.person.id
in case error return 422, "such authentication method does not belong to this person"
validate that auth_method.type = NA
in case error return 422, "Сannot be confirmed by a method with type= NA. Use a different method."
validate that this method is active ( authentication_method.ended_at > now() and is_active = true)
This field is optional and set in il.declaration_reques.authentication_method_current.
If person request doesn't have this field, then choose that method which is returned from mpi as person's default method
Get global parameters
Invoke Global parameters to get following parameters:
ADULT_AGE
DECLARATION_TERM
no_self_auth_ag
Calculate patient age
Calculate patient age
age = MONTHS_BETWEEN (now(), $.mpi.person.birth_date) / 12 |
Check that doctor speciality meets the patient age requirements
Get doctor's speciality_officio (speciality object where speciality_officio == true)
Check age requirements according to global parameters
Speciality officio | Age |
---|---|
FAMILY DOCTOR | All ages |
THERAPIST | Greater or equal to $.data.adult_age |
PEDIATRICIAN | Less than $.data.adult_age |
Validate confidant person
If person age < prm.global_parameters.no_self_auth_age check existence of confidant_person
in case error return 422 - msg "Confidant person is mandatory for children"
Search pending declaration requests
Search declarations in IL_DB.declaration_requests to prevent requests duplication:
where IL.Declaration_request.mpi_id = :($.person.id) and status in ('NEW' or 'APPROVED)
Cancel declaration requests
Change status of all found declarations:
SET IL_DB.declaration_requests.status = 'CANCELED' WHERE IL_DB.declaration_requests.id IN (:LIST) |
Calculate declaration end/start date
Declaration
Start date:
start_date = Current_date() |
End date:
if (person.age < 18)&(doctor.speciality = PEDIATRICIAN) { end_date = min(birth_date + 18y - 1d, start_date + declaration_term); } else { end_date = start_date + declaration_term; } |
Save declaration request
Insert record to IL.declaration_request in status 'NEW'
Generate upload URL
If auth_method_requests.auth_method_current = OFFLINE
URL for person.documents
Depending on the payload system generates list of signed urls for document scan-copies upload.
Signed URLs to be expired after some period of time (configurable `SECRETS_TTL`). If it has been expired - new declaration request should be created.
Each link is generated for one one-page document in jpeg format. Document should be no more than 10MB.
Set auth_method_current
Set default auth method of person on IL.auth_method_request.auth_method_current - use function in mpi, that return default auth method.
If auth_method_current = NA - return Error "person authentication method is undefined"
.
Generate verification code
If auth_method_requests.auth_method_current = OTP
Invoke Initialize OTP to generate one time password and send it where auth_method_requests.auth_method_current = OTP.
cURL example
curl -X POST \ http://localhost:4000/verifications \ -H 'content-type: application/json' \ -d '{ "phone_number": "+380936235985" }' |
Generate human readable declaration number
Use algorithm to generate declaration_number
Declaration number should consist of a 4 serial symbols and 8 number symbols and looks like XXXX-12H4-245D
Add field to ops.declarations and il.declaration_requests - declaration_number
Add declaration_number to print out form
Validate uniqueness of human readable declaration number
generate declaration_number
Search declaration_number in declaration_requests.declaration_number
if exists = go to 'generate declaration_number'
else save declaration_number to declaration_request