ЕСОЗ - публічна документація

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

Purpose

This API allows to cancel the activity with specifying a status reason in cases it has been rejected or entered in error.

Key points

  1. Status can be changed by employee who has an Approval granted by the patient on write Care plan resource.

  2. Cancel should be signed with DS. So, all the activity data should be submitted.

  3. Activities status has changed in async way. The result of the job should be a link on the Care plan activity details.

Specification

Apiary

Authorization

  • Verify the validity of access token

    • Return (401, 'Invalid access token') in case of validation fails

  • Verify that token is not expired

    • in case of error - return (401, 'Invalid access token')

  • Check user scopes in order to perform this action (scope = 'care_plan:write')

    • Return (403, 'Your scope does not allow to access this resource. Missing allowances: care_plan:write') in case of invalid scope(s)

Validate legal entity

  • Extract client_id from token

  • Check legal entity status is ACTIVE

    • In case of error - return 409 (Legal entity must be ACTIVE)

  • Check legal entity type in ME_ALLOWED_TRANSACTIONS_LE_TYPES config parameter

    • in case of error - return 409 ('client_id refers to legal entity with type that is not allowed to create medical events transactions')

Validate User

  • Extract user_id from token.

  • Check user has an active and approved employee that:

    • has an active Approval granted by the Patient on write the Care plan resource (care plan id from URL)

      • Return 403 ('Access denied') in case employee has no Approval on write

Validate data consistency

  • Ensure that submitted activity relates to the Patient and Care Plan (from URL)

    • Return 404 (not found) in case of error

Validate Digital Sign

  • Check DS is valid and not expired

  • Validate that DS belongs to the user

    • Check that DRFO from DS and user's party.tax_id matches

Validate status transition

  • Get activity by id

  • Check activity.detail.status: activity status should be changed according to activity status model.

    • Return 409 (Invalid activity status) in case of error

Validate status reason

Validate value in the field $.detail.status_reason, required

  • Validate field type is codeable concept

  • Check that codeable concept refers to the eHealth/care_plan_activity_cancel_reasons dictionary

  • Validate value within dictionary specified above

    • in case of error - return 422 ('value is not allowed in enum')

Validate related entities

  • if activity kind = medication_request:

    • Check there is no medication request requests in status NEW based on the activity

      • in case of error - return 409 (Unable to cancel activity with new Medication Request requests).

    • Check there is no medication requests in status ACTIVE based on the activity

      • in case of error - return 409 (Unable to cancel activity with active Medication requests).

  • if activity kind = service_request:

    • Check there is no service requests in status active, in_progress based on the activity

      • in case of error - return 409 (Unable to cancel activity with <active/in_progress> Service requests).

Validate content

Signed content must match with activity in DB in order to be changed

  1. Render activity from DB

  2. Exclude $.detail.status_reason from signed content

  3. Compare rendered activity and signed content

    1. In case both object doesn't match - return 422 ('Signed content doesn't match with previously created activity')

Service logic

  1. Save signed content to media storage

  2. Update activity status (update also updated_at, updated_by)

  3. Set detail.status_reason

  • No labels

ЕСОЗ - публічна документація