ЕСОЗ - публічна документація

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this content. View the current version.

Compare with Current View Version History

« Previous Version 6 Next »

Specification

Apiary


The process is initiated by any employee with necessary scopes in this legal entity and involves the transfer of a signed person with electronic digital signature. 

Process is asynchronous. If all validations are successfully completed, the asynchronous process of creating a person starts by processing the message.

Service logic

  1. Only authenticated and authorized user can use this service
  2. Only NEW patient request can be activated
  3. The request can be activated only by the employee who works in the same legal entity in which the request was made.

Authorize user

  1. Verify the validity of access token
    1. Return 401 in case validation fails
  2. Check scopes in order to perform this action (scope = 'patient_request:write')
    1. Return 403 in case invalid scope(s)

Digital signature

Decode content that is encrypted in an electronic digital signature.
Use Digital signature WS. Method checks digital signature and returns result.
See service specification

Validate DRFO

  1. Check that DRFO in Certificate details exists and not empty
  2. Check that DRFO in Certificate details is equal to DRFO in Party
    1. Get party.tax_id using employee_id in person payload
    2. Compare DRFO in Certificate with party.tax_id
      1. Convert DRFO and TAX_ID to uppercase
      2. Compare DRFO and TAX_ID as Cyrillic letters
      3. Convert DRFO to Cyrillic and compare as Cyrillic letters
    3. In case validation fails - generate 422 error

Latin to Cyrillic mapping

%{"A" => "А", "B" => "В", "C" => "С", "E" => "Е", "H" => "Н", "I" => "І", "K" => "К", "M" => "М", "O" => "О", "P" => "Р", "T" => "Т", "X" => "Х"}


Validate request

  1. Validate request using JSON schema (See specification)
    1. In case validation fails - generate 422 error
  2. Check patient request status
    1. If status is not APPROVED, - returned error 'Incorrect status'

Check signed content

Check decoded signed content with previously created on IL.db.

SELECT data
FROM patient_requests
WHERE id = {:id}

In case if they are not equal - generate 422 error (message: "Signed content does not match the previously created content")

Check legal entity id

Patient request can be signed by any employee with necessary scopes in equal legal_entity_id.

  1. Check that ID in URL exists in the system
    1. Return 401 in case validation fails
  2. Check that patient request belongs to the same legal entity as the user
    1. In case of error - return 403

Create/update person

If person.id is in request then add mpi_id to patient request. Update MPI.persons with new parameters.

If person.id is not in request then create new person in status ACTIVE or APPROVED)


Update patient request

Update patient request:

  1. Change entity status in IL_DB.patient_request to SIGNED

  2. Set updated_at - now() (Get current date-time)

  3. Set updated_by - user_id (Extract user from token)

  • No labels

ЕСОЗ - публічна документація