ЕСОЗ - публічна документація
Private. Assign Contract Request by NHS Employee
- Dmytro Kulibaba (Unlicensed)
- Oleksandr Zhuk (SoE eHealth)
Purpose
This WS is designed to appoints an executor (employee), who should Update Contract Request from NHS side.
Specification
Link | Посилання на Apiary або Swagger | |
Resource | /graphql | Посилання на ресурс, наприклад: /api/persons/create |
Scope | contract_request:update | Scope для доступу |
Components | Contracts | Зазначається перелік бізнес компонентів, які використовують цей метод, наприклад: ePrescription |
Microservices | API paragraph not found | Перелік мікросервісів, які використовує метод API, наприклад: Auth, ABAC |
Protocol type | GraphQL | Тип протоколу, який використовується запитом, наприклад: SOAP | REST |
Request type | POST | Тип запиту API, наприклад: GET, POST, PATCH… |
Sync/Async | API paragraph not found | Метод є синхронним чи асинхронним? |
Public/Private/Internal | Private | Потрібно зазначити тип методу за ступенем доступності |
Preconditions
Before this the contract request should be created from MSP/PHARAMCY side
Logic
This WS is designed for NHS employees. Before rewieving contract request it must be assign to NHS employee who will be responsible for this request. To assign employee contract it must be in status NEW, IN_PROCESS. After assigner was updated, contract request status will be changed to IN_PROCESS.
This query is also use to update existing assigner in Contract request.
Input parameters
Input parameter | Values | Type | Description | Example |
|---|---|---|---|---|
id |
| String | Contract request identifier. Required | d290f1ee-6c54-4b01-90e6-d701748f0851 |
employeeId |
| String | Employee identifier. Required | d9f328e1-23c4-40b0-ad12-9b7730e6e627 |
Request structure
Example:
Authorize
Verify the validity of access token
in case of error return 401 error “Access denied”
Check user scope contract_request:update in order to perform this action
in case of error generate 403 error “Your scope does not allow to access this resource. Missing allowances: contract_requests:update”
Headers
Наприклад:
Content-Type:application/json
Authorization:Bearer c2778f3064753ea70de870a53795f5c9
Request data validation
Validate user
extract user_id from token
extract client_id from token
Check if user is active
in case error return “User is not active”
check nhs_legal_entity is active
in case error return “Client is not active”
Check user role = "NHS ADMIN SIGNER"
in case error return "You don't have permission to access this resource"
Validate contract request id and status
Validate contract request ID exist
in case of error return “Contract Request not found”
Check contract_request.status in ('NEW', 'IN_PROCESS')
in case error return “Incorrect status of contract_request to modify it"
Validate request
Fetch prm.employees by $employee_id. Validate:
employees.legal_entity_id=$client_id
in case of error return “Invalid legal entity id”
employees.status=APPROVED
in case of error return “Invalid employee status”
check employee.party→ party_users→ users_roles→ roles exist role with name = 'NHS ADMIN SIGNER'
in case of error return “Employee doesn't have required role”
Processing
Update contract_requests.assignee_id (IL) - set $employee_id from request
Update contract_requests.status to ‘IN_PROCESS’
Update updated_at = now()
Update updated_by = $user_id
Response structure
Examples:
Post-processing processes
Add status to event manager
After status was changed (status = IN_PROCESS) - add new record to event_manager
field | value |
|---|---|
event_type | StatusChangeEvent |
entity_type | ReimbursementContractRequest |
CapitationContractRequest | |
entity_id | $.id |
properties.status.new_value | $.status |
event_time | $.updated_at |
changed_by | $.updated_by |
HTTP status codes
HTTP status code | Message | What caused the error |
|---|---|---|
200 | Response |
|
401 | Access denied | Invalid token |
403 | Your scope does not allow to access this resource. Missing allowances: {{scope}} | Scope is missing |
ЕСОЗ - публічна документація