ЕСОЗ - публічна документація

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 14 Next »

Purpose

This method allows you to add a role to an employee according to the type of medical service for which the role is being added.

Specification

Link

eHealth MIS API · Apiary

Посилання на Apiary або Swagger

Resource

/api/employee_roles

Посилання на ресурс, наприклад: /api/persons/create

Scope

employee_role:write

Scope для доступу

Components

Scopes model

Зазначається перелік бізнес компонентів, які використовують цей метод, наприклад: ePrescription

Microservices

API paragraph not found

Перелік мікросервісів, які використовує метод API, наприклад: Auth, ABAC

Protocol type

REST

Тип протоколу, який використовується запитом, наприклад: SOAP | REST

Request type

POST

Тип запиту API, наприклад: GET, POST, PATCH…

Sync/Async

Sync

Метод є синхронним чи асинхронним?

Public/Private/Internal

Public

Потрібно зазначити тип методу за ступенем доступності

Logic

  1. Only authenticated and authorized user can use this service

  2. Employee role must be valid and consistent, i.e. all "foreign keys" must be valid

  3. It can be only one active employee_role for the single employee and healthcare service

Input parameters

ATTRIBUTES - see on Apiary

Request structure

Example:

 Request example
{
  "healthcare_service_id": "98b6ed10-17b4-44f1-892c-7514f66bf505",
  "employee_id": "9d229fcb-6a77-4574-99a5-30729aa518fd"
}

Authorize

  1. Verify the validity of access token

    1. Return 401 in case validation fails

  2. Check scopes in order to perform this action (scope = 'employee_role:write')

    1. Return 403 in case invalid scope(s)

Headers

Наприклад:

  • Content-Type:application/json

  • Authorization:Bearer c2778f3064753ea70de870a53795f5c9

  • api-key:uXhEczJ56adsfh3Ri9SUkc4en

Request data validation

Validate request

Validate request using JSON schema

Validate legal entity

Check that legal entity is active (status = ACTIVE, SUSPENDED)

  1. Extract client_id from token (token.client_id == legal_entity_id)

  2. Check legal entity status (status = ACTIVE, SUSPENDED)

    1. In case of error - return 409 (Legal entity must be ACTIVE or SUSPENDED)

Validate FK

  1. Validate healthcare_service_id - healthcare service exists and is_active = true

    1. Return 422 in case validation fails

  2. Validate employee_id - employee exists and is_active = true

    1. Return 422 in case validation fails

Validate constraint

It can be only one active employee_role for the single employee and healthcare service

  1. Check that there is no another active record (status = ACTIVE) with the same employee and healthcare service

    1. Return 409 (Duplicated employee role for this employee and healthcare service) in case such pair exists

Validate healthcare service

Check that healthcare service belongs to the same legal entity as the user and healthcare service is active

  1. Extract client_id from token (token.client_id == legal_entity_id)

  2. Validate legal entity on healthcare service

  3. Check healthcare service status (status = ACTIVE)

Validate employee and its specialization

Check that employee belongs to the same legal entity as the user, employee is active and has the same specializations as the healthcare service

  1. Extract client_id from token (token.client_id == legal_entity_id)

  2. Validate legal entity on employee service

  3. Check employee status (status = APPROVED)

  4. Validate specialization on employee (where specialities.speciality_officio = true) and healthcare service

Processing

Save object to DB

Parameter

Source

Description

id

UUID

Autogenerated

start_date

Timestamp: now()

Get current date-time

status

Const: ACTIVE

By default ACTIVE for new records

is_active

Const: TRUE

Always TRUE for new records

inserted_at

Timestamp: now()

Get current date-time

inserted_by

Token: user_id

Extract user from token

updated_at

Timestamp: now()

Get current date-time

updated_by

Token: user_id

Extract user from token

Response structure

Example:

 Response example
{
  "meta": {
    "code": 201,
    "url": "https://example.com/resource",
    "type": "object",
    "request_id": "6617aeec-15e2-4d6f-b9bd-53559c358f97#17810"
  },
  "data": {
    "id": "7c3da506-804d-4550-8993-bf17f9ee0402",
    "healthcare_service_id": "98b6ed10-17b4-44f1-892c-7514f66bf505",
    "employee_id": "9d229fcb-6a77-4574-99a5-30729aa518fd",
    "start_date": "2019-04-20T19:14:13Z",
    "end_date": "2017-12-20T19:14:13Z",
    "status": "ACTIVE",
    "is_active": true,
    "inserted_at": "2017-04-20T19:14:13Z",
    "inserted_by": "e1453f4c-1077-4e85-8c98-c13ffca0063e",
    "updated_at": "2017-04-20T19:14:13Z",
    "updated_by": "2922a240-63db-404e-b730-09222bfeb2dd"
  }
}

HTTP status codes

HTTP status code

Message

What caused the error

201

 Response

 

401

 

Invalid access token

403

Invalid scope(s)

409

Validation failed

422

Validation failed


  • No labels