ЕСОЗ - публічна документація

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 14 Next »

Requirements

  1. Відміна направлення (Recalled)

Specification

  1. Recall Service Request

Validations

Authorization

  • Verify the validity of access token
    • Return (401, 'unauthorized') in case of validation fails
  • Verify that token is not expired
    • in case of error - return (401, 'unauthorized')
  • Check user scopes in order to perform this action (scope = 'service_request:write')
    1. Return (403, 'invalid scopes') in case of invalid scope(s)

Validate legal entity

  • Check legal entity type: it has to be in me_allowed_transactions_le_types config parameter, has status = active and nhs_verified = true
    • in case of error return 409 "Action is not allowed for the legal entity"

Validate digital signature

Decode content that is encrypted in an electronic digital signature.
Use Digital signature WS. Method checks digital signature and returns result.
See service specification

1. Ensure that digital signature is valid

2. Validate that requester of service request is a current user

2.1. Get token metadata

  • Extract user_id, client_id, client_type

2.2. Determine the party_id associated with this user_id

SELECT pu.party_id
FROM party_users pu
WHERE pu.user_id = :user_id;

2.3. Determine employees related to this party_id in current MSP

SELECT e.id
FROM employees e
WHERE e.party_id = :party_id
AND e.legal_entity_id = :client_id;

2.4 Ensure that $.requester.identifier.value matches with user employees

3. Validate that DS belongs to the requester of encounter

3.1. Determine the party_id associated with requester ($.requester.identifier.value)

SELECT p.tax_id
FROM employees e, parties p
WHERE e.party_id = p.id
AND e.id = :requester;

Validate request using JSON Schema

Return 422 with the list of validation errors in case validation fails

Validate permission to recall

Only doctor who signed this service request is able to recall this service request

Covered by DS validation (see Validate digital signature p.2)

Validate transition

Only active service request can be recalled

  1. Get current service request status
    1. Check that status in ('active')
      1. in case of error - return 409 error ('Service request in status %status% cannot be recalled')

Validate cancelation reason


Validate content

Signed content must match with service request in DB in order to be recalled

  1. Render service request from DB
  2. Exclude $.status_reason and $.explanatory_letter from signed content
  3. Compare rendered service request and signed content
    1. In case both object doesn't match - return 422 ('Signed content doesn't match with previously created service request')

Service logic

  1. Save signed content to media storage
  2. Update service request status to Recalled (update also updated_at, updated_by)
  3. Write record to status history
  4. Send SMS to patient (if authentication_method_current == SMS)
    1. Template - TBD
  5. Async! Revoke all approvals made by this service request
  • No labels

ЕСОЗ - публічна документація