REST API method / Метод REST API (настанова) (remove the link block before publishing the document)

Properties of a REST API method document

Document type	Метод REST API
Document title	[Document status] REST API [Назва методу] [ID методу]
Guideline ID	GUI-0011
Author	@
Document version	1
Document status	DRAFT
Date of creation	ХХ.ХХ.ХХХХ (дата фінальної версії документа – RC або PROD)
Date of update	ХХ.ХХ.ХХХХ (дата зміни версії)
Method API ID	API-005-009-001-0171
Microservices (namespace)	IL
Component	Legal Entities
Component ID	COM-005-009
Link на API-специфікацію	https://ehealthmisapi1.docs.apiary.io/#reference/public.-medical-service-provider-integration-layer/healthcare-services/update-healthcare-service
Resource	{{host}}/api/healthcare_services/{{id}}
Scope	healthcare_service:write
Protocol type	REST
Request type	PATCH
Sync/Async	Sync
Public/Private	Public

Purpose

This WS is designed to update previously created healthcare service for the division of legal entity

Key points

Only authenticated and authorized user with an appropriate scope can update healthcare service.
Healthcare service can be updated for PRIMARY_CARE, EMERGENCY, OUTPATIENT or PHARMACY legal entity.
Healthcare service can be updated for legal entities in ACTIVE or SUSPENDED statuses.
Only active healthcare service can be updated.
Only comment, available_time, restricted_periods fields can be updated.

Logic

Update healthcare service in healthcare_services table (PRM DB) with data from request and additional fields:
1. comment = $.comment;
2. available_time = $.available_time;
3. not_available = $.not_available;
4. updated_at = now();
5. updated_by = user_id from access token.

Configuration parameters

Description of the configuration parameters that are used when processing a request in the system

Dictionaries

Provides a list of links to dictionaries that are available in Confluence

Input parameters

	Input parameter	Mandatory	Type	Description	Example
1	id		String	Healthcare service identifier. Optional.	d290f1ee-6c54-4b01-90e6-d701748f0851
2

Request structure

See on API-specification

Example

{
  "comment": "Заведено помилково",
  "coverage_area": [
    "2c0110a9-0bea-4b16-af8e-6e2e149a5bfc"
  ],
  "available_time": [
    {
      "days_of_week": [
        "mon"
      ],
      "all_day": true,
      "available_start_time": "08:30:00",
      "available_end_time": "19:00:00"
    }
  ],
  "not_available": [
    {
      "description": "Санітарний день",
      "during": {
        "start": "2018-08-02T10:45:16.000Z",
        "end": "2018-08-02T11:00:00.000Z"
      }
    }
  ]
}

Headers

	Key	Value	Mandatory	Description	Example
1	Content-Type	application/json	M	Тип контенту	Content-Type:application/json
2	Authorization	Bearer c2778f3064753ea70de870a53795f5c9	M	Перевірка користувача	Authorization:Bearer c2778f3064753ea70de870a53795f5c9
3	API-key	uXhEczJ56adsfh3Ri9SUkc4en			API-key:uXhEczJ56adsfh3Ri9SUkc4en

Request data validation

Authorize

Verify the validity of access token
- in case of error - return 401 (“Invalid access token”) in case of validation fails.
Verify that token is not expired
- in case of error - return 401 (“Invalid access token”).
Check user scopes in order to perform this action (scope = 'healthcare_service:write')
- return 403 (“Your scope does not allow to access this resource. Missing allowances: healthcare_service:write”) in case of invalid scope(s).

Validate request

Validate request using JSON schema
- in case of error - return 422.

Validate legal entity

Extract legal entity id from access token. Check that legal entity is in ‘ACTIVE’ or ‘SUSPENDED’ status
- in case of error - return 409 (“Invalid legal entity status”).

Validate healthcare service

Get healthcare service by $.id. Check that healthcare service exists in PRM DB
- in case of error - return 404 (“not_found”).
Get healthcare service by $.id. Check that healthcare service belongs to legal entity id from access token
- in case of error - return 403 (“forbidden”).
Get healthcare service by $.id. Check that healthcare service status = ‘ACTIVE’
- in case of error - return 409 (“healthcare_service.status healthcare service cannot be updated”), where healthcare_service.status = value of status of healthcare service from PRM DB.

Validate available time

If $.all_day = true, check that fields available_start_time and available_end_time does not exist in request
- in case of error - return 422 (“Should not be present when all_day = true“).
If all_day = false, check that fields available_start_time and available_end_time exist in request
- in case of error - return 422 (“Should be present when all_day = false“).

Validate not available

Check that each object in not_available array has a valid period in $.not_available.during. during.end must be greater than during.start
- in case of error - return 422 (“Should be greater then start“).

Processing

A list of processes related to receiving, changing or transmitting data according to the logic defined in the REST API

Response structure examples