Overview

This WS allows to cancel procedure in case they were entered in error.

Specification

Apiary

Authorization

Validate token

• Verify the validity of access token

  • Return 401 in case validation fails

• Verify token is not expired

  • in case error return 401 

Validate scopes

• Check user scopes in order to perform this action (scope = 'procedure:write')

  1. Return 403 in case invalid scope(s)

Validate legal entity

• Validate procedure belongs to the legal entity where the current user works

  • ME.procedure.managing_organization==token.client_id

    • in case of error return 403 "User is not allowed to perform this action"

Validate patient

• Validate patient is active

  •  ME.patient.status=="active" and is_active=true

    • in case of error return "Patient is not active"

Request validation

1. Validate digital signature

   1. ds.drfo == PRM.parties.tax_id where (PRM.parties.id==PRM.employees.party_id where (PRM.employees.id==$.performer.identifier.value))

2. Compare signed_content to previously created content

   1. select procedure, select * from procedures context.identifier.value=procedure_id and compare to signed_content (do not include status, status_reason and explanatory_letter )

      1. in case of inconsistencies return "Submitted signed content does not correspond to previously created content"

3. Validate status_reason is in dictionary eHealth/procedure_status_reasons

   1. in case error return 422, "status_reason not in a dictionary eHealth/procedure_status_reasons"

4. Validate user performs action with procedure that belong to his legal entity

   1. ME.patient{patinet_id}.procedures{procedure_id}.managing_organization==token.client_id

      1. in case of error return 422 "Managing_organization in the procedure does not correspond to user`s legal_entity"

Request processing

1. Save signed_content to Media Storage

2. Set status `ENTERED_IN_ERROR` for procedure

3. Set cancellation_reason

4. Set explanatory_letter