ЕСОЗ - публічна документація

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Current »

Purpose

This method allows to view Person's (MPI) details.

Specification

Link

-

Посилання на Apiary або Swagger

Resource

/graphql

Посилання на ресурс, наприклад: /api/persons/create

Scope

person:read

Scope для доступу

Components

Patient registry

Зазначається перелік бізнес компонентів, які використовують цей метод, наприклад: ePrescription

Microservices

mpi/api

il/api (rpc)

fe/admin-web

Перелік мікросервісів, які використовує метод API, наприклад: Auth, ABAC

Protocol type

GraphQL

Тип протоколу, який використовується запитом, наприклад: SOAP | REST

Request type

POST

Тип запиту API, наприклад: GET, POST, PATCH…

Sync/Async

Sync

Метод є синхронним чи асинхронним?

Public/Private/Internal

Private

Потрібно зазначити тип методу за ступенем доступності

Logic

This is a graphQl query method used in Administration panel only to get person’s data . Only authenticated and authorized NHS employee with appropriate scope can get person’s data.

Request structure

Example:

 Request example
{
	"query": "query PersonQuery($id: ID!, $filter: PersonAuthenticationMethodFilter, $after: String, $before: String, $first: Int, $last: Int) { person(id: $id) { ...UserInfo ...AuthMethods ...PersonConfidantPersons ...EmergencyContact ...VerificationDetails __typename } }  fragment AuthMethods on Person { authenticationMethods(filter: $filter, first: $first, last: $last, after: $after, before: $before) { nodes { id alias type startedAt endedAt phoneNumber isActive thirdPerson { databaseId firstName lastName secondName id authenticationMethods(filter: {type: [\"OTP\", \"OFFLINE\", \"NA\"]}, first: 50) { nodes { id type phoneNumber __typename } __typename } __typename } __typename } __typename } __typename }  fragment VerificationDetails on Person { verificationDetails { dracsDeath { verificationComment verificationReason verificationStatus dracsDeathActId unverifiedAt __typename } drfo { result syncedAt unverifiedAt verificationReason verificationStatus __typename } manualRules { unverifiedAt verificationComment verificationReason verificationStatus __typename } __typename } __typename }  fragment PersonConfidantPersons on Person { confidantPersons { relationType firstName lastName secondName gender birthDate birthCountry birthSettlement unzr taxId email secret preferredWayCommunication phones { type number __typename } documents { type number issuedAt issuedBy expirationDate __typename } relationshipDocuments { type number issuedAt issuedBy expirationDate __typename } __typename } __typename }  fragment EmergencyContact on Person { emergencyContact { firstName lastName secondName phones { type number __typename } __typename } __typename }  fragment UserInfo on Person { id databaseId status verificationStatus firstName secondName lastName gender birthDate birthCountry birthSettlement addresses { ...Addresses __typename } taxId noTaxId insertedAt updatedAt unzr email phones { type number __typename } preferredWayCommunication documents { type number issuedAt issuedBy expirationDate __typename } nhsRequestNumber nhsRequestComment deathDate secret __typename }  fragment Addresses on Address { type country area region settlement settlementType settlementId streetType street building apartment zip __typename }",
	"variables": {
		"id": "UGVyc29uOjlkMWYzYzhlLWJlYzctNDUyYS04ZTlmLWNhYjdlOGRjYWU1OA==",
		"first": 10,
		"filter": {
			"isEnded": false
		}
	}
}

Authorize

Request to process the request using a token in the headers.

  1. Verify the validity of access token

    1. Return 401 in case validation fails

  2. Verify that token is not expired

    1. in case of error - return (401, 'Invalid access token')

  3. Check user scopes

    1. person:read in order to search person

      1. Return 403 in case invalid scope(s) "Your scope does not allow to access this resource. Missing allowances: person:read

Request data validation

Validate legal entity

  • Extract client_id from token.

  • Check legal entity status (status = ACTIVE)

    • In case of error - return 409 ('client_id refers to legal entity that is not active')

Validate request

Validate $.personId

Check $.personId is ID from MPI.person.id

  • search person $.personId in MPI.person.(id = $.personId) and MPI.person.(id = $.personId).is_active = true then ok

    • in case of error, return "Person not found"

Processing

  1. Get data from mpi DB:

    1. persons by id

  2. Render a response according to specification.

Response structure

Example:

 Response example. Code: 200
{
    "data": {
        "person": {
            "__typename": "Person",
            "addresses": [
                {
                    "__typename": "Address",
                    "apartment": "4",
                    "area": "Рівненська",
                    "building": "77",
                    "country": "UA",
                    "region": "Хмельницька",
                    "settlement": "Дніпро",
                    "settlementId": "429731cc-e019-44d6-a17e-3d8c16b78dba",
                    "settlementType": "CITY",
                    "street": "Абрикосова",
                    "streetType": "AVENUE",
                    "type": "RESIDENCE",
                    "zip": "82529"
                }
            ],
            "authenticationMethods": {
                "__typename": "PersonAuthenticationMethodConnection",
                "nodes": [
                    {
                        "__typename": "PersonAuthenticationMethod",
                        "alias": "OTP",
                        "endedAt": null,
                        "id": "UGVyc29uQXV0aGVudGljYXRpb25NZXRob2Q6YTZiZDczZDQtN2Q4NS00MzlkLTk1NjktZjEwYjVlY2QyNzAy",
                        "isActive": true,
                        "phoneNumber": "+380941455543",
                        "startedAt": null,
                        "thirdPerson": null,
                        "type": "OTP"
                    }
                ]
            },
            "birthCountry": "Україна",
            "birthDate": "1975-06-15",
            "birthSettlement": "Луцьк",
            "confidantPersons": [
                {
                    "__typename": "ConfidantPerson",
                    "birthCountry": "Україна",
                    "birthDate": "1996-12-12",
                    "birthSettlement": "Дніпро",
                    "documents": [
                        {
                            "__typename": "PersonDocument",
                            "expirationDate": null,
                            "issuedAt": "2013-03-15",
                            "issuedBy": "Херсон РОУ ВМУ МВС в Рівненська області",
                            "number": "ОП324030",
                            "type": "PASSPORT"
                        }
                    ],
                    "email": null,
                    "firstName": "Юлія",
                    "gender": "FEMALE",
                    "lastName": "Басок",
                    "phones": [
                        {
                            "__typename": "Phone",
                            "number": "+380904035005",
                            "type": "LAND_LINE"
                        }
                    ],
                    "preferredWayCommunication": null,
                    "relationType": "PRIMARY",
                    "relationshipDocuments": [
                        {
                            "__typename": "PersonDocument",
                            "expirationDate": null,
                            "issuedAt": "2011-03-16",
                            "issuedBy": "Луганьск РОУ ВМУ МВС в Хмельницька області",
                            "number": "ВБ361517",
                            "type": "DOCUMENT"
                        }
                    ],
                    "secondName": "Корнелійовна",
                    "secret": "secret",
                    "taxId": "3541011501",
                    "unzr": null
                }
            ],
            "databaseId": "9d1f3c8e-bec7-452a-8e9f-cab7e8dcae58",
            "deathDate": null,
            "documents": [
                {
                    "__typename": "PersonDocument",
                    "expirationDate": null,
                    "issuedAt": "2011-03-16",
                    "issuedBy": "Міколаїв РОУ ВМУ МВС в Чернівецька області",
                    "number": "ИЬ614450",
                    "type": "PASSPORT"
                }
            ],
            "email": null,
            "emergencyContact": {
                "__typename": "EmergencyContact",
                "firstName": "Світлана",
                "lastName": "Боровик",
                "phones": [
                    {
                        "__typename": "Phone",
                        "number": "+380383752740",
                        "type": "LAND_LINE"
                    }
                ],
                "secondName": "Йосиповна"
            },
            "firstName": "Павло",
            "gender": "MALE",
            "id": "UGVyc29uOjlkMWYzYzhlLWJlYzctNDUyYS04ZTlmLWNhYjdlOGRjYWU1OA==",
            "insertedAt": "2021-03-13T19:44:28.426485Z",
            "lastName": "Сироїд",
            "nhsRequestComment": "",
            "nhsRequestNumber": "",
            "noTaxId": null,
            "phones": [
                {
                    "__typename": "Phone",
                    "number": "+380954591106",
                    "type": "LAND_LINE"
                }
            ],
            "preferredWayCommunication": null,
            "secondName": "Пилипович",
            "secret": "secret",
            "status": "ACTIVE",
            "taxId": null,
            "unzr": null,
            "updatedAt": "2023-04-26T16:12:01.740166Z",
            "verificationDetails": {
                "__typename": "PersonVerificationDetail",
                "dracsDeath": {
                    "__typename": "PersonDracsDeathVerification",
                    "dracsDeathActId": null,
                    "unverifiedAt": null,
                    "verificationComment": " ",
                    "verificationReason": "MANUAL_NOT_CONFIRMED",
                    "verificationStatus": "VERIFIED"
                },
                "drfo": {
                    "__typename": "PersonDrfoVerification",
                    "result": null,
                    "syncedAt": null,
                    "unverifiedAt": null,
                    "verificationReason": "ONLINE_TRIGGERED",
                    "verificationStatus": "VERIFICATION_NEEDED"
                },
                "manualRules": {
                    "__typename": "PersonManualRulesVerification",
                    "unverifiedAt": null,
                    "verificationComment": null,
                    "verificationReason": "RULES_PASSED",
                    "verificationStatus": "VERIFIED"
                }
            },
            "verificationStatus": "VERIFICATION_NEEDED"
        }
    },
    "extensions": {
        "requestId": "f211af74-f3f9-40dc-baef-793532d4023a#18633"
    }
}

HTTP status codes

HTTP status code

Message

What caused the error

 200

 Response

 

401

Invalid access token

 Invalid token

403

Your scope does not allow to access this resource. Missing allowances: {{scope}}

Scope is missing

409

client_id refers to legal entity that is not active

Legal entity is not active

  • No labels

ЕСОЗ - публічна документація