ЕСОЗ - публічна документація

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »


Specification

Apiary

Purpose

This WS is design to create contract request from Legal Entity side by Owner or Admin. Before the request is created the documents must have been uploaded. Than request can be approved or declined by NHS side. After that MSP must approve the request from their side. In case the request was two-side approved it can be two-side signed. 

Input parameters

Input is signed data in PKCS7 format. The data must be unpacked and validated using JSON schema.
 

Authorize

    1. Verify the validity of access token
      1. in case of error return 401 ('Access denied')
    2. Check user scope contract_request:create in order to perform this action
      1. in case of error generate 401 response ('Invalid scopes')

Digital signature

Decode content that is encrypted in an electronic digital signature.
Use Digital signature WS. Method checks digital signature and returns result.

Validate DRFO

  1. Check that DRFO in Certificate details exists and not empty
    1. in case of error return 422 error ('Invalid DRFO in DS')
  2. Check that DRFO in Certificate details is equal to DRFO in Party
    1. Get parties.tax_id using party_users.party_id by user_id.
    2. Compare DRFO in Certificate with party.tax_id 
      1. Convert DRFO and TAX_ID to uppercase
      2. Compare DRFO and TAX_ID as Cyrillic letters
      3. Convert DRFO to Cyrillic and compare as Cyrillic letters
    3. In case validation fails - generate 422 error

Verify role

Extract from token:

  1. Validate client_id (is_blocked=false)
    1. in case of error return 403 Error ('Client is blocked')
  2. Check contractor_legal_entity is active
    • in case error return 403 - ('Client is not active')

Validate request

  1. Validate contractor_divisions
    1. Check divisions belongs to legal_entity and divisions.status='active'
      1. in case of error return 422  error view $divisions ('Division must be active and within current legal_entity')
    2. Validate each division in array present exactly one time
      1. in case of error return 422  error view $divisions ('Division duplicates')
  2. Validate contractor_employee_divisions 
    1. Employees from employee_divisions has employee_type='DOCTOR', status='APPROVED'
      1. in case of error return 422  error view $employee ('Employee must be an active DOCTOR')
    2. Check contractor_employee_divisions.division_id is present in contractor_divisions.id
      1. in case of error return 422 error $divisions ('The division is not belong to contractor_divisions')
    3. Check employee present in divisions for one time: count(employee_id)=1 by contractor_employee_divisions.division_id 
      1. in case of error return 422 error $divisions ('Employee in division duplicates)
  3. Validate external_contractors
    1. Check external_contractors.divisions.id is present in contractor_divisions.id
      1. in case of error return 422 error $divisions ('The division is not belong to contractor_divisions')
    2. Check external_contractors.contract.expires_at>start_date
      1. in case of error return 422 error $contract.expires_at ('Expires date must be greater than contract start_date')
    3. Set external_contractors.legal_entity_id='client_id'
  4. Validate external_contractor_flag:
    1. If external_contractors is not null then external_contractor_flag must be true
    2. If external_contractors is null then external_contractor_flag must be set to false 
      1. in case of error return 422 error $external_contractor_flag ('Invalid external_contractor_flag').

      If external_contractors wasn't sent in request then set external_contractor_flag to false.

  5. Validate start_date
    1. the year in  start_date must be equal to current or next year (current+1).
      1. in case of error return 422 error $start_date ('Start date must be within this or next year')
    2. start_date>now()
  6. Validate end_date
    1. the year in $end_date must be equal to year in $start_date
      1. in case of error return 422 error $end_date ('The year of start date and end date must be equal')
    2. the $end_date must be greater than the $start_date
      1. in case of error return 422 ('The end date must be greater than the start date')
  7. Valide contractor_owner_id
    1. Check employees.employee_id=contractor_owner_id and client_id=employee.legal_entity_id and employee_type in('OWNER', 'ADMIN') and status='APPROVED' and is_active=true
    2. In case of error return 422 Error ('Contractor owner must be an active OWNER or ADMIN and within current legal entity in contract request')
  8. If in request was sent contract_number check format contract_number:
    1. contract request number structure XXXX-1234-5678-C , where:
      1. XXXX - series: numbers + only some letters (A, E, H, K, M, P, T, X)
      2. 1234-5678 - randomly generated numbers and letters A, E, H, K, M, P, T, X.
    2. check there is a contract with such contract_number 
      1. in case of error return 422 error ('Contract with such contract number does not exist')
    3. check if contract is not in status 'TERMINATED'
      1. in case of error return 409 error ('Can not update terminated contract')
    4. employee_divisions, start_date, end_date can't be updated. If there is an active contract with such contract_number copy start_date, end_date and contractor_legal_entity_id from existing contract. It's not allowed in response.
      1. in case of error return 422 error
  9. Validate id_from is from dictionary CONTRACT_TYPE
    1. in case of error return 422 error ('Invalid contract type')

Determine parent contract (optional)

In case contract request contains parameter '$.contract_number':

  1. find contract that matches transmitted '$contract_number':
    1. if there is no contract with specified contract number, return 422 error ('Contract with such contract number does not exist')
    2. if contract is in 'Terminated' status, return 409 error ('Can not update terminated contract')
  2. set parent_contract_id value as contract.id

Search pending contract requests

1. Find there is no contract 

  • for same contractor_legal_entity_id
  • within same period [start_date, end_date]
  • status in ('NEW', 'APPROVED', 'NHS_SIGNED')
  • id_form

In case there is such contract change its' status to 'TERMINATE'

Save contract request

Insert record to IL.contract_request in status 'NEW'

set  - contractor_legal_entity_id=$client_id

Save signed contract request to media storage

  1. Get url for contract request upload.

    Parameter
    Source
    action'GET'
    bucket'CONTRACT_REQUEST'
    resource_id: CONTRACT_REQUEST_ID
    resource_name: INITIAL_CONTRACT_REQUEST
    timestamp:TIMESTAMP
  2. Upload signed contract request to media storage
  • No labels

ЕСОЗ - публічна документація