ЕСОЗ - публічна документація

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 10 Next »

approve_request.graphml

Specification

Apiary

Service logic

  1. Only authenticated and authorized user can use this service
  2. Only NEW patient request can be activated
  3. The request can be activated only by the employee who works in the same legal entity in which the request was made.

Validate request

  1. Validate request using JSON schema
    1. In case validation failed - generate 422 error
JSON Schema 
{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "type": "object",
  "properties": {
    "verification_code": {
      "type": "string"
    }
  },
  "required": [
    "verification_code"
  ],
  "additionalProperties": false
}


Authorize user

  1. Verify the validity of access token
    1. Return 401 in case validation fails
  2. Check scopes in order to perform this action (scope = 'patient_request:write')
    1. Return 403 in case invalid scope(s)

Get patient request details

Get patient request from IL_DB.patient_request

Determine authorization method

Get authorization_method from IL_DB.patient_request

SELECT IL_DB.patient_request.authentication_method
FROM   IL_DB.patient_request
WHERE IL_DB.patient_request.id = :id

If authentication_method is NULL - return Error

If authentication_method == OFFLINE - check uploaded documents

If authentication_method = OTP - verify SMS code, check uploaded documents for patient request form and add phone to db.verification.verified_phones

If authentication_method = CONFIDANT and confidant has auth.method = OTP  -  verify SMS code, check uploaded documents for patient request form and  the document which confirms the guardianship.

If authentication_method = CONFIDANT and confidant has auth.method = OFFLINE  -  check uploaded documents for patient request form,a person's document, the confidant person's document and the document which confirms the guardianship.

Verify code

Invoke verification module to verify OTP

OTP Verification

Check uploaded documents

Invoke Media Content Storage to check documents exist

Media Content Storage

Generate printout form

Invoke MAN to render print form.

Request mapping:

ParameterSource
idPATIENT REQUEST
cURL example
curl --request POST \
     --header 'Accept: text/html' \
     --header 'Content-Type: application/json' \
     {:host}/templates/{:patient_request_printout_id}/actions/render


Set IL.patient_request.printout_content:

MANResponse.$.data

Change patient request

  1. Change entity status in IL_DB.patient_request to APPROVED

  2. Set updated_at - now() (Get current date-time)

  3. Set updated_by - user_id (Extract user from token)

  • No labels

ЕСОЗ - публічна документація