ЕСОЗ - публічна документація

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this content. View the current version.

Compare with Current View Version History

« Previous Version 17 Next »

The process is initiated by responsible person from NHS side which created and approved contract request previously and involves the transfer of a signed contract request with electronic digital signature. 

Process is asynchronous. If all validations are successfully completed, the asynchronous process of creating a contract starts by processing the message.

Contract must be 2 time signed: from legal_entity and NHS sides. There is a particular order who must signed first - NHS side. After that legal entity owner can either sign contract request (will be created contract) or terminate contract request.

Input parameters 

Invoke service 'Get Contract Reqeust by ID'. In the response will be received printout form and json which must be signed. Input is signed data in PKCS7 format.

Authorize user

  1. Verify the validity of access token
  2. Check user scopes in order to perform this action
    1. In case error - generate 401 response

Check employee

Contract_request can be signed by owner or nhs_signer with necessary scopes in equal legal_entity_id and same id as was perviously input in contract_request.

  1. Extract legal_entity_id (client_id) from token. Take contract_request_id.
  2. Check client_id=nhs_legal_entity_id (nhs_side) - in case of error return 403 Error ('Invalid client id')
  3. Validate that contract_request hasn't been signed by  nhs_side already
    1. Check if status= 'PENDING_NHS_SIGNED'
    2. In case of error return 422 error ('The contract can't be signed by status')

Generate Printout form 

After status is changed to PENDING_NHS_SIGNED - generate printout form

Invoke MAN to render printuot form.

Request mapping:

Parameter
Source
idCONTRACT_REQUEST
Curl example
curl --request POST \
     --header 'Accept: text/html' \
     --header 'Content-Type: application/json' \
     {:host}/templates/{:contract_printout_id}/actions/render

Digital signature

Decode content that is encrypted in an electronic digital signature.
Use Digital signature WS. Method checks digital signature and returns result.

Validations

Validate DRFO

  1. Check that DRFO in Certificate details exists and not empty
    1. in case of error return 422 error ('Invalid DRFO in DS')
  2. Check that DRFO in Certificate details is equal to DRFO in Party
    1. Get party.tax_id using nhs_signer_id from contract_request
    2. Compare DRFO in Certificate with party.tax_id 
      1. employees.employee_id=nhs_signer_id and client_id=employee.legal_entity_id – 
      1. Convert DRFO and TAX_ID to uppercase
      2. Compare DRFO and TAX_ID as Cyrillic letters
      3. Convert DRFO to Cyrillic and compare as Cyrillic letters
    3. In case validation fails - generate 422 error

Check signed content

Check decoded signed content with previously created on IL.db.

SELECT data
FROM contract_requests
WHERE id = {:id}

In case if they are not equal - generate 422 error (message: "Signed content does not match the previously created content")

Validate request

  1. Validate request using JSON schema
    1. In case validation fails - generate 422 error
  2. Check contract request status
    1. If status is not PENDING_NHS_SIGN - return error 422 'Incorrect status'
  3. Validate contractor_divisions
    1. Check divisions belongs to legal_entity and divisions.status='active'
      1. in case of error return 422  error view $divisions ('Division must be active and within current legal_entity')
  4. Validate contractor_employee_divisions
    1. Employees from employee_divisions has employee_type='DOCTOR', status='APPROVED'
      1. in case of error return 422  error view $employee ('Employee must be an active DOCTOR')
    2. Check contractor_employee_divisions.division_id is present in contractor_divisions.id
      1. in case of error return 422 error $divisions ('The division is not belong to contractor_divisions')
    3. Check contract_number is null
      1. in case of error return 422  error view $employee  ('Employee can't be updated via Contract Request')
  5. Validate start_date
    1. start_date>now()
      1. in case of error return 422 error $start_date ('Start date must be greater than create date')
  6. Check whether all id is resolved and valid. For
     -     contractor_legal_entity_id and nhs_legal_entity_id in status='active' (prm.legal_entities)
     - contractor_owner_id and     nhs_signer_id in status = 'APPROVED' (prm.employees)


Save signed contract to media storage

  1. Get url for declaration upload

    ParameterSource
    action'GET'
    bucket'CONTRACT_REQUESTS'
    resource_id: CONTRACT_REQUEST_ID
    resource_name: CONTRACT_NAME
    timestamp:TIMESTAMP
  2. Upload signed contract to media storage.

Update contract request

  1. Change contract_request.status='NHS_SIGNED'
  2. set nhs_signed_date=now()::date


Add status to event manager

After status was changed (status = NHS_SIGNED) - add new status to event_manager

field
value
event_typeStatusChangeEvent
entity_typeContract_request
entity_id$.id
properties.status.new_value$.status
event_time$.update_at
changed_by$.changed_by



  • No labels

ЕСОЗ - публічна документація