Purpose
This WS is designed to sign Request for Medication request (patch). If successful signed - automatically create Medication request
Key points
Only authenticated and authorized users with appropriate scope can Sign Medication request Request (MRR)
Request should be signed with DS.
MRR data should be changed when it has been submitted to the method.
Specification
Logic
Method receives signed message (pkcs7) including signed content, digital signature and signer public key in signed_content
property. All signature fields will be validated (including signer certificate authority).
This service will store signed copy of Medication request Request in Media Content Storage and create Medication request if signature is all checks is passed.
Signed content MUST consists of JSON object with Medication request Request data. Object that need to be signed is returned by Get medication request requests details response, JSON.Path: $.data
.
Important: Invoke Get Medication request Request by ID to obtain seed - Hash of previous block in Medication request Request chain or other random component that should be signed with Medication request Request.
Look at Dummy Sign Medication Request Requests for more details.
Preconditions
API paragraph not found
Global and configurable parameters
No
Input parameters
Input parameter | Values | Type | Description | Example |
---|---|---|---|---|
id | String | Required | 6a8a83a4 |
Filters
No
Request structure
See on Apiary
Example:
Authorize
Verify the validity of access token
in case of error - return 401 (“Invalid access token”) in case of validation fails
Verify that token is not expired
in case of error - return 401 (“Invalid access token”)
Check user scopes in order to perform this action (scope = 'medication_request_request:sign')
return 403 (“Your scope does not allow to access this resource. Missing allowances: medication_request_request:sign”) in case of invalid scope(s)
Headers
Content-Type:application/json
Authorization:Bearer c2778f3064753ea70de870a53795f5c9
api-key:uXhEczJ56adsfh3Ri9SUkc4en
msp_drfo:2534157686
Validate request
API paragraph not found
Request data validation
Validate employee
Validate employee from the medication request request relates to user from token.
in case of error - return 403 “Only doctor that in Medication request Request can sign it“
Perform another validation described at Create MRR: Validate employee
Validate division
Validate division as described on Create MRR: Validate division
Validate context
Validate division as described on Create MRR: Validate context
Validate medical program
Validate medical_program_id: medical_program_id exists and has medication_request_allowed = true
in case of error return 422 ("Forbidden to create medication request for this medical program!")
Validate existing medication request request
If medical program setting skip_mnn_in_treatment_period = false (absent), then validate division as described on PreQualify Medication request: 2. Check absence the same medications for the programs
Validate digital signature
Decode content that is encrypted in an electronic digital signature.
Use Digital signature WS. Method checks digital signature and returns result.
Validate request status
Purpose validation: Valid ability transition.
For info - status charts: Medication request status model
Get Medication request Request status by $.id
Check status == NEW
if invalid - return 409 error (message: "Invalid status Medication request Request for sign transition!")'
Validate person
Validate person with it’s verification status as described on Create MRR: Validate person
Validate signed content
Purpose validation: Check equality decoded signed content with previously created on IL.db.
Get data
SELECT data FROM medication_request_requests WHERE id = $.id
If they are not equal with decoded signed content - generate 422 error (message: "Signed content does not match the previously created content!")
Parameters that are used when processing the request
Configuration parameters
API paragraph not found
Dictionaries
API paragraph not found
Processing
Save signed medication request request to media storage
Get url for medication request upload.
Upload signed medication request request to media storage
Parameter | Source |
---|---|
action | GET |
bucket | from MEDIA_STORAGE_MEDICATION_REQUEST_REQUEST_BUCKET chart var |
resource_id | medication_request_request_id |
resource_name | signed_content |
Create medication request
Create new record in medication_requests with status ACTIVE
if there is existing record in the medication_requests table with the same id and medication_request_request_id, return ok to IL
Mapping (where <rd> = medication_request_request.data )
Destination | Source |
---|---|
id | |
request_number | <rd>.request_number |
verification_code | <rd>.verification_code |
created_at | <rd>.created_at |
started_at | <rd>.started_at |
ended_at | <rd>.ended_at |
dispense_valid_from | <rd>.dispense_valid_from |
dispense_valid_to | <rd>.dispense_valid_to |
person_id | <rd>.person_id |
employee_id | <rd>.employee_id |
division_id | <rd>.division_id |
medication_id | <rd>.medication_id |
medication_qty | <rd>.medication_qty |
medical_program_id | <rd>.medical_program_id |
status | ACTIVE |
is_active | true |
recall_at | NULL |
recalled_by | NULL |
recall_reason | NULL |
request_for_medication_request_id | $.id |
inserted_at | :timestamp |
inserted_by | user_id |
updated_at | :timestamp |
updated_by | user_id |
intent | <rd>.intent |
category | <rd>.category |
context | <rd>.context |
dosage_instructions | <rd>.dosage_instructions |
container_dosage | <rd>.container_dosage |
priority | <rd>.priority |
prior_prescription | <rd>.prior_prescription |
Generate printout form
Invoke ael.api in order to render MEDICATION_REQUEST_TEMPLATE
Template parameters
Parameter | Source |
---|---|
bar code
| request_number |
| created_at |
| dispense_valid_to |
| program.name |
| person.short_name |
| person.age |
| medication.name |
| medication_qty |
| started_at |
| ended_at |
| dosage_instruction_text |
| employee.short_name |
| employee.phone_number |
| legal_entity.name |
| division.name |
| legal_entity.address |
| legal_entity.edrpou |
| legal_entity.license |
| legal_entity.license.license_number |
| legal_entity.license.what_licensed |
| legal_entity.license.issued_date |
| legal_entity.license.issued_by |
| legal_entity.license.active_from_date |
| legal_entity.license.expiry_date |
| legal_entity.license.order_no |
| person.authentication_method |
| program.mr_blank_type getFromDictionary(<rd>.container-dosage.unit;'MR_BLANK_TYPES') |
<% funding_source = get_in(assigns, ~w(program funding_source)a) %> <%= if funding_source = "PERSON" do %>повна оплата пацієнтом<% else if funding_source in ["NHS", "LOCAL"]) %>з доплатою/безоплатно<% else %><% end %>
| program.funding_source
|
<%= if funding_source == "PERSON" do %><% else %><%= if funding_source in ["NHS", "LOCAL"] do %> <tr> <td>Власник програми:</td> <td><%=get_in(assigns, ~w(program funding_source_text)a) %></td> </tr> <% end %><% end %> | program.funding_source_text if {program.funding_source}<>"PERSON" then getFromDictionary({program.funding_source},'FUNDING_SOURCE)' else "" endif |
| person.age_unit returns in years ("р.") |
| medication.innm_primary_denumerator_unit getFromDictionary({innm_primary.dosage.denumerator_unit};'MEDICATION_UNIT'), |
| container_dosage.value <rd>container_dosage.value |
| container_dosage.unit getFromDictionary(<rd>container_dosage.unit;'MEDICATION_UNIT') |
Medication request form example:
(new)
Update Medication request Request status
Update Medication request Request:
UPDATE medication_request_requests SET status = 'SIGNED' WHERE id = {:id}
Send SMS for person
If MR has program with medical program setting medication_request_notification_disabled = true, then don't send SMS.
Else:
Get authentication_method of MPI
If authentication_method == OTP - send SMS:
Generate text SMS (call Man method- templates rendering service with template "TEMPLATE_SMS_FOR_SIGN_MEDICATION_REQUEST".
Sending SMS for MPI
If authentication_method == OFFLINE (or medication_request_notification_disabled = true) - set medication_request_request.verification_code to MEDICATION_REQUEST_TEMPLATE
Response structure
See on Apiary
Example:
Post-processing processes
No
HTTP status codes
HTTP status code | Message | What caused the error |
---|---|---|
200 | Response |
|
401 | Invalid access token |
|
403 |
| |
409 | Invalid status Medication request Request for sign transition! | |
422 |
|
Backward compatibility
API paragraph not found