RC [WP] Search Groups of Diagnoses by params_EN

1 Purpose
2 Key points
3 Specification
4 Authorization
5 Validate legal entity
6 Search params
7 Service logic

Purpose

This WS allows to find Groups of Diagnoses in Admin panel using search params. Groups can be found by group params and/or by item params.

Key points

This is a graphQl query method used in Administration panel only.
Only authenticated and authorized NHS employee with appropriate scope can search Groups of Diagnoses.

Specification

"Reads a single `DiagnosesGroup` using its globally unique ID."
  diagnosesGroup(id: ID!): DiagnosesGroup

"Reads and enables pagination through a set of `DiagnosesGroup`."
  diagnosesGroups(
    "A condition to be used in determining which values should be returned by the collection."
    filter: DiagnosesGroupFilter
    "The method to use when ordering collection items."
    orderBy: DiagnosesGroupOrderBy
    "Read all values in the set after (below) this cursor."
    after: String
    "Read all values in the set before (above) this cursor."
    before: String
    "Only read the first _n_ values of the set."
    first: Int
    "Only read the last _n_ values of the set."
    last: Int
  ): DiagnosesGroupConnection!

"""
Fields to filter diagnoses groups in the system.
"""
input DiagnosesGroupFilter {
  "Checks for equality with the object’s `databaseId` field."
  databaseId: UUID
  "Checks for matching with the object’s `name` field."
  name: String
  "Checks for equality with the object’s `isActive` field."
  isActive: Boolean
  "Diagnoses group code filter"
  diagnosesGroupCode: DiagnosesGroupCodeFilter
}

"""
Methods to use when ordering `DiagnosesGroup`.
"""
enum DiagnosesGroupOrderBy {
  "Orders by the object’s `insertedAt` field in the ascending order."
  INSERTED_AT_ASC
  "Orders by the object’s `insertedAt` field in the descending order."
  INSERTED_AT_DESC
  "Orders by the object’s `name` field in the ascending order."
  NAME_ASC
  "Orders by the object’s `name` field in the descending order."
  NAME_DESC
}

"""
A connection to a list of `DiagnosesGroup` items.
"""
type DiagnosesGroupConnection {
  "Information to aid in pagination."
  pageInfo: PageInfo!
  "A list of nodes."
  nodes: [DiagnosesGroup]
  "A list of edges."
  edges: [DiagnosesGroupEdge]
}

"""
An edge in a connection of `DiagnosesGroup`.
"""
type DiagnosesGroupEdge {
  "The item at the end of the edge."
  node: DiagnosesGroup!
  "A cursor for use in pagination."
  cursor: String!
}

"""
DiagnosesGroup contains diagnoses codes.
In order to obtain details user must have a scope **diagnoses_group:read**
"""
type DiagnosesGroup implements Node {
  "The ID of an object."
  id: ID!
  "Primary key identifier from the database."
  databaseId: UUID!
  "The name of the `DiagnosesGroup`."
  name: String!
  "The code of the `DiagnosesGroup`."
  code: String!
  "The description of the `DiagnosesGroup`."
  description: String
  "The reason the `DiagnosesGroup` was deactivated."
  deactivationReason: String
  "Whether the `DiagnosesGroup` is active or not?"
  isActive: Boolean!
  "Date and time when record was inserted."
  insertedAt: DateTime!
  "Date and time when record was updated."
  updatedAt: DateTime!

  "Diagnosis codes wich belong to DiagnosesGroup."
  diagnosesGroupCodes(
    "A condition to be used in determining which values should be returned by the collection."
    filter: DiagnosesGroupCodeFilter
    "The method to use when ordering collection items."
    orderBy: DiagnosesGroupCodeOrderBy
    "Read all values in the set after (below) this cursor."
    after: String
    "Read all values in the set before (above) this cursor."
    before: String
    "Only read the first _n_ values of the set."
    first: Int
    "Only read the last _n_ values of the set."
    last: Int
  ): DiagnosesGroupCodeConnection!
}

Authorization

Verify the validity of access token
- in case of error - return 401 (“Invalid access token”) in case of validation fails
Verify that token is not expired
- in case of error - return 401 (“Invalid access token”)
Check user scopes in order to perform this action (scope = 'diagnoses_group:read')
- return 403 (“Your scope does not allow to access this resource. Missing allowances: diagnoses_group:read”) in case of invalid scope(s)

Validate legal entity

Extract client_id from token.
Check client scopes in order to perform this action (scope = 'diagnoses_group:read')
- in case of error - return 403 (“Your scope does not allow to access this resource. Missing allowances: diagnoses_group:read”)
Check client_type = NHS
- in case of error - return 403 ('You don’t have permission to access this resource')
Check legal entity status (status = ACTIVE)
- In case of error - return 409 ('client_id refers to legal entity that is not active')

Search params

Search with a few params performs according to the logical AND rule.

id. Search by diagnoses_groups.id (used to get group details)
name. Search by diagnoses_groups.name
is_active. Search by diagnoses_groups.is_active
item_code. Search by diagnoses_groups.code
item_name. Search by code description for dictionaries
(diagnoses_group_codes dc
join dictionaries d
on dc.system = d.name and dc.code = d.values.code)
item_type (string). Limits the search to the following items:
- <system> - search within specified dictionary. Where <system> is eHealth/ICD10_AM/condition_codes or eHealth/ICPC2/condition_codes

Service logic

Render diagnoses_groups array with nested array of diagnoses_group_codes that match the search params