ЕСОЗ - публічна документація

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 11 Next »

Requirements

  1. Deprecated - Використання направлення

Specification

  1. Use service request

Validations

Authorization

  • Verify the validity of access token
    • Return (401, 'unauthorized') in case of validation fails
  • Verify that token is not expired
    • in case of error - return (401, 'unauthorized')
  • Check user scopes in order to perform this action (scope = 'service_request:use')
    1. Return (403, 'invalid scopes') in case of invalid scope(s)

Validate request using JSON Schema

Return 422 with the list of validation errors in case validation fails

Validate legal entity

  • Check legal entity type: it has to be in me_allowed_transactions_le_types config parameter, has status = active 
    • in case of error return 409 "Action is not allowed for the legal entity"

Validate transition

Only active and unused (released) service request with a specified medical program can be used

  1. Get service request by ID
  2. Service request contains medical program
    1. $.program is NOT NULL
      1. in case of error return 409 "Service request without a program can not be used"
  3. Service request must be active
    1. $.status  == "active"
      1. in case of error return 409 "Invalid service request status"
  4. Service request must be unused
    1. $.used_by_legal_enity is empty object
      1. in case of error return 409 "Service request is already used"

Validate program

  1. Validate program according to Pre-Qualify rules.
    1. it is an existing service program (type=service)
      1. in case not found or is_active==false return 422  "Program not found"
      2. in case type!= service return 409 "Invalid program type"
    2.  service(or service_group) is an active member of the program
      1. Select request_allowed, is_active from PRM.program_services where service_id(or group_id) == $.signed_content.code.identifier.value and program_id=$.program.identifier.value
        1. if not found or is_active==false return 409 "Service is not included in the program"
        2. if request_allowed==false return 409 "Service request is not allowed for this service(service_group) in this program"

Validate request

  1. Get token metadata
    1. Extract user_id, client_id, client_type
  2. Ensure that employee belongs to client
    1. $.used_by.identifier.type.coding[*].system == "eHealth/resources"
    2. $.used_by.identifier.type.coding[*].code == "employee"
    3. $.used_by.identifier.value must belong to client_id (prm.employees.legal_entity_id == :client_id)
      1. in case of error return 422 "You can assign service request only to employee within your legal entity"
  3. Check employee_type - only DOCTOR can use service request
    1. employee_type == DOCTOR
      1. in case of error, return 422 "Invalid employee type. Only doctor can use service request"
  4. Validate used_by_legal_entity is a current legal_entity
    1. $.used_by_legal_entity.identifier.value==token.client_id
      1. in case of error return 409 "You can assign service request only to your legal entity"

Service logic

  1. Update service request attributes
  2. Change program_processing_status to `in_queue`
  • No labels