Purpose

This WS intended to get detailed information of patient approval.

Specification

Link	https://medicaleventsmisapi.docs.apiary.io/#reference/approvals/get-approval-details/get-approval-details
Resource	/api/patients/{{patient_id}}/approvals/{{id}}
Scope	approval:read
Components	Approvals
Microservices	API paragraph not found
Protocol type	REST
Request type	GET
Sync/Async	Async
Public/Private/Internal	Public

Logic

Returns approval details by it's identifier in patient context. It is allowed only for the doctor who has an active declaration with a patient from url (can get all approvals) or approval is granted to user (can get own approval).

Input parameters

Input parameter	Values	Type	Description	Example
patient_id		String	identifier of the patient	`7c3da506-804d-4550-8993-bf17f9ee0402`
id		String	identifier of the approval	`7c3da506-804d-4550-8993-bf17f9ee0402`

Authorize

Verify the validity of access token
- Return (401, 'Invalid access token') in case of validation fails
Verify that token is not expired
- in case of error - return (401, 'Invalid access token')
Check user scopes in order to perform this action (scope = 'approval:read')
- Return (403, 'Your scope does not allow to access this resource. Missing allowances: approval:read') in case of invalid scope(s)

Request to process the request using a token in the headers

Headers

Наприклад:

Content-Type:application/json
Authorization:Bearer c2778f3064753ea70de870a53795f5c9
api-key:uXhEczJ56adsfh3Ri9SUkc4en

Request data validation

Validate Patient

Get Patient identifier from the URL
Check it exists in DB
- Return 404 ('not found') in case of error

Validate Approval

Get Approval identifier from the URL
Check it exists in DB
- Return 404 ('Person is not found') in case of error

Validate User

Extract user_id from token.
Check user has an active declaration with a patient from URL (can get all approvals) or approval is granted to user (can get own approval):
- Return 200 with empty array in case the employee doesn't have an active declaration with the patient or approval is granted to user

Processing

Service logic

Service returns detailed information of the patient approval:

Get approval by patient_id and approval id from approvals collection (MongoDB)
Render a response according to specification.
Block “authentication_method_current” represents the type of auth method and the telephone number (for methods with ability to specify it)

Response structure

See on Apiary

Example:

Response example

{
  "meta": {
    "code": 200,
    "url": "http://example.com/resource",
    "type": "object",
    "request_id": "req-adasdoijasdojsda"
  },
  "data": {
    "id": "d5a5d991-0bf7-476f-b3cf-bec73f044b2e",
    "granted_resources": [
      {
        "identifier": {
          "type": {
            "coding": [
              {
                "system": "eHealth/resources",
                "code": "episode_of_care"
              }
            ]
          },
          "value": "d5a5d991-0bf7-476f-b3cf-bec73f044b2e"
        },
        "display_value": "null"
      }
    ],
    "granted_to": {
      "identifier": {
        "type": {
          "coding": [
            {
              "system": "eHealth/resources",
              "code": "employee"
            }
          ]
        },
        "value": "9183a36b-4d45-4244-9339-63d81cd08d9c"
      },
      "display_value": "null"
    },
    "expires_at": 1498749591,
    "reason": {
      "identifier": {
        "type": {
          "coding": [
            {
              "system": "eHealth/resources",
              "code": "service_request"
            }
          ]
        },
        "value": "9183a36b-4d45-4244-9339-63d81cd08d9c"
      },
      "display_value": "null"
    },
    "status": "new",
    "access_level": "read",
    "authentication_method_current": {
      "type": "OTP",
      "number": "+38093*****85"
    }
  }
}

HTTP status codes

HTTP status code	Message	What caused the error
200

Get approval details