Specification
Service logic
- Only authenticated and authorized user can use this service
- Only NEW patient request can be activated
- The request can be activated only by the employee who works in the same legal entity in which the request was made.
Validate request
- Validate request using JSON schema
- In case validation failed - generate 422 error
Authorize user
- Verify the validity of access token
- Return 401 in case validation fails
- Check scopes in order to perform this action (scope = 'patient_request:write')
- Return 403 in case invalid scope(s)
Get patient request details
Get patient request from IL_DB.patient_request
Determine authorization method
Get authorization_method from IL_DB.patient_request
SELECT IL_DB.patient_request.authentication_method FROM IL_DB.patient_request WHERE IL_DB.patient_request.id = :id
If authentication_method is NULL - return Error
If patient have block confidant_person - check uploaded the confidant person's document and the document which confirms the guardianship.
If person's authentication_method == OFFLINE - check uploaded documents
If authentication_method = OTP (or THIRD_PERSON) - verify SMS code and add phone to db.verification.verified_phones
Invoke verification module to verify OTP
Check uploaded documents
Invoke Media Content Storage to check documents exist
Generate printout form
Invoke MAN to render print form.
Request mapping:
| Parameter | Source |
|---|---|
| id | PATIENT REQUEST |
cURL example
curl --request POST \
--header 'Accept: text/html' \
--header 'Content-Type: application/json' \
{:host}/templates/{:patient_request_printout_id}/actions/render
Set IL.patient_request.printout_content:
MANResponse.$.data
Change patient request
- Change entity status in IL_DB.patient_request to APPROVED
Set updated_at - now() (Get current date-time)
Set updated_by - user_id (Extract user from token)