ЕСОЗ - публічна документація

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Current »

/wiki/spaces/EN/pages/17591304241 (remove the link block before publishing the document)

Properties of a REST API method document

Document type

Метод REST API

Document title

[Document status] REST API [Назва методу] [ID методу]

Guideline ID

GUI-0011

Author

@

Document version

1

Document status

DRAFT

Date of creation

ХХ.ХХ.ХХХХ (дата фінальної версії документа – RC або PROD)

Date of update

ХХ.ХХ.ХХХХ (дата зміни версії)

Method API ID

API-007-011-001-0474

Microservices (namespace)

MPI

Component

Auth

Component ID

COM-007-011

Link на API-специфікацію

https://ehealthmisapi1.docs.apiary.io/#reference/public.-medical-service-provider-integration-layer/manage-client-configuration/get-client-details

Resource

{{host}}//api.ehealth.gov.ua/api/patients/id/encounter_package

Scope

Protocol type

REST

Request type

Sync/Async

Public/Private

Purpose

This WS is designed to resend SMS to the patient(or confidant person) with composition number in case it wasn’t delivered the first time.

Key points

  1. Only authenticated and authorized user with appropriate scope can resend SMS.

  2. SMS with composition number can be resent only to person with auth_method with type OTP.

  3. SMS with composition number can be resent only for Composition in FINAL status.

Logic

Description of the working algorithm of the API method and the interaction of services with each other add Service logic (if necessary)

Configuration parameters

Description of the configuration parameters that are used when processing a request in the system

Dictionaries

Provides a list of links to dictionaries that are available in Confluence

Input parameters

Description of input parameters

Input parameter

Mandatory

Type

Description

Example

1

composition_id

 M

String ($uuid) (path)

Composition object ID

 89678f60-4cdc-4fe3-ae83-e8b3ebd35c59

2

 

 

 

 

 

Request structure

See on API-specification (посилання на сторінку з API-специфікацією)

Description of the REST API request structure, example

 Example
 

Headers

Key

Value

Mandatory

Description

Example

1

Content-Type

application/json

M

Тип контенту

Content-Type:application/json

2

Authorization

Bearer c2778f3064753ea70de870a53795f5c9

M

Перевірка користувача

Authorization:Bearer c2778f3064753ea70de870a53795f5c9

3

 

 

 

 

 

Request data validation

Validations

  1. Validate person

    1. Check if person with patient_id from request exists

      1. in case of error - return 404 (“Not found”)

    2. Check if person with patient_id from request is not preperson

      1. in case of validation fails skip all steps below

  1. Check if Composition with composition_id from request is exist

    1. in case of error - return 404 (“Not found”) in case of validation fails

  2. Validate Composition

    1. Check that status is not 'entered_in_error'

      1. in case of error - return 409 error ('You can not resend SMS for Composition in status %status%')

  3. Validate legal entity

    1. Check that legal_entity_type is included in chart variables ME_ALLOWED_TRANSACTIONS_LE_TYPES config parameter

      1. in case of error return 409 "Action is not allowed for the legal entity"

    2. Check that legal_entity has status = active

      1. in case of error return 409 "Action is not allowed for the legal entity" 

Processing

Processing

  1. Call [Transferred] SMS timeout procedure to check if resending is allowed using:

    • COMPOSITION_MAX_ATTEMPTS_COUNT as MAX_ATTEMPTS_COUNT

    • COMPOSITION_SEND_TIMEOUT as SEND_TIMEOUT

    • "composition" as entity_name

    • composition_id as entity_id

    in case of error - return 429 ("Sending SMS timeout. Try later. Next attempt will be available at <attempts.oldest.value + SEND_TIMEOUT>")

  2. Get person's authentication_method according to logic:

    1. If authorize_with exists in Composition and is not empty, check:

      1. Authentication method exists in person_authentication_methods table in MPI DB (with is_active=true), is active (ended_at > now() or null)

      2. Get value of THIRD_PERSON_CONFIDANT_PERSON_RELATIONSHIP_CHECK config parameter

        1. if it is set to true - for authentication method with type = THIRD_PERSON check that person from value is an approved confidant for a person from Composition:

          1. exists active and approved confidant person relationship between patient from the Composition and confidant_person_id from authentication method value (using following logic: Check confidant person relationship with person_id = person from request and confidant_person_id = value from auth method - expected :ok, :approved response)

        2. in case any validation failed - return 409 ('Authentication method doesn't exist or is inactive')

        3. else - get authentication_method from authorize_with

      3. If authorize_with does not exist in composition request or is empty - get default authentication_method of person from MPI using logic https://e-health-ua.atlassian.net/wiki/spaces/EH/pages/622133300

    2. If authentication_method == OTP or THIRD_PERSON (with OTP) 

      1. Generate text SMS with template CREATE_{{COMPOSITION_TYPE}}_COMPOSITION_SMS_TEMPLATE.

      2. Send SMS

      3. else, if authentication_method is not OTP or THIRD_PERSON (with OTP) return an error

        1. return 409 ('Authentication method doesn't exist or is inactive')

Response structure examples

See on API-specification (посилання на сторінку з API-специфікацією)

Description of the REST API response structure, example

 Example
 

HTTP status codes

Response code

HTTP Status code

Message

Internal name

Description

Response code

HTTP Status code

Message

Internal name

Description

1

Базові

2

401

Invalid access token

3

 

401

Unauthorized

 

Помилка підтвердження

4

403

Your scope does not allow to access this resource. Missing allowances: composition:resend_sms

5

1000

404

Composition not found

COMPOSITION_NOT_FOUND_404

Не знайдено медичний висновок

6

404

Not found

7

409

Action is not allowed for the legal entity

8

409

Authentication method doesn't exist or is inactive

9

409

Authentication method doesn't exist or is inactive

10

409

You can not resend SMS for Composition in status %status%

11

429

Sending SMS timeout. Try later. Next attempt will be available at <attempts.oldest.value + SEND_TIMEOUT>

12

Специфічні

13

 

422

Only for active MPI record can be created medication request!

 

 

Post-processing processes

Description of actions performed on data after processing

Technical modules where the method is used

List of pages describing technical modules where the method is used

  • No labels